fb6ee5e1e44d9e87f15ba8c9602a2d99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb6ee5e1e44d9e87f15ba8c9602a2d99_JaffaCakes118
Size

260KB
MD5

fb6ee5e1e44d9e87f15ba8c9602a2d99
SHA1

b86457600c609361da32f5281c4243ddda9849d8
SHA256

babb54292da7d57fd5f0d4f2d5a586784917fa7b6efe436f41a5498a4695fe89
SHA512

e33aeeeed15af14573e75060f96dbe37e330ce8e57d6b8a5f08b894cb65968bc55d5c61fb5db4727e055621b85292fe3f25b0694b5012411e7d7da917496dab9
SSDEEP

6144:x/2I1SJpokyxTg19NWTBl+a94erw5EyKIKKtbmKedHRyG:A6SIkyxTGWT30erwOyKIKKtbmKedxyG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb6ee5e1e44d9e87f15ba8c9602a2d99_JaffaCakes118

Files

fb6ee5e1e44d9e87f15ba8c9602a2d99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9a1531c00429556389eab6758ec23b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetUnhandledExceptionFilter
lstrcmpA
GetCommandLineA
GetFileAttributesA
SetLastError
GetTempPathA
GetLocalTime
FindResourceA
LoadResource
CreateFileA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FreeResource
MoveFileA
SetFileAttributesA
DeleteFileA
MultiByteToWideChar
Sleep
GetProcAddress
WideCharToMultiByte
ExitProcess
lstrcatA
GetProcessHeap
HeapAlloc
GetModuleHandleA
HeapFree
LoadLibraryA
ReleaseMutex
GetStringTypeA
LCMapStringW
RtlUnwind
HeapReAlloc
RaiseException
GetStartupInfoA
GetVersion
VirtualFree
VirtualAlloc
IsBadWritePtr
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
GetStringTypeW

advapi32

RegDeleteValueA
OpenServiceA
StartServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegCloseKey
LookupAccountNameA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
InitializeAcl
GetAce
EqualSid
AddAce
AddAccessAllowedAce
GetSecurityDescriptorControl
SetFileSecurityA

netapi32

NetApiBufferFree

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9a1531c00429556389eab6758ec23b1

Headers

File Characteristics

Imports

kernel32

advapi32

netapi32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 204KB - Virtual size: 200KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 204KB - Virtual size: 200KB