b76043d23f0e0b409a6f1a40ba9e2ae1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b76043d23f0e0b409a6f1a40ba9e2ae1_JaffaCakes118
Size

15KB
MD5

b76043d23f0e0b409a6f1a40ba9e2ae1
SHA1

592ed5962fd62bbe7ba90daf0ef724899d0428ee
SHA256

ec1a2a8308303302294cfe916c505d12a2447f264c3a4336921e030540820ee2
SHA512

b060662423e955ad0e86d6f6e886327151cbe7df75c038d6c96fcfbbaae2f31ff645f0fde7e68ea921d5c03893f518daa2221151a33ce6db4bf595c5cdfccef0
SSDEEP

384:9v6S1Yq67gVjNxjw6okTxFH/YWlrhcXj2qYpyfW9hJbWWC:9vlK3MLlw6og/GXj2qSvC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b76043d23f0e0b409a6f1a40ba9e2ae1_JaffaCakes118

Files

b76043d23f0e0b409a6f1a40ba9e2ae1_JaffaCakes118
.exe windows:6 windows x86 arch:x86

b2701f0792d6313636b3e6d00c020161

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

api-ms-win-core-crt-l2-1-0

_initterm

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-2

ExitProcess

api-ms-win-core-sysinfo-l1-2-1

GetTickCount

api-ms-win-core-errorhandling-l1-1-1

GetLastError

api-ms-win-service-winsvc-l1-2-0

RegisterServiceCtrlHandlerW

api-ms-win-service-core-l1-1-1

SetServiceStatus

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary

api-ms-win-core-synch-l1-2-0

InitializeSRWLock

api-ms-win-core-registry-l1-1-0

RegCloseKey

api-ms-win-core-processenvironment-l1-2-0

GetCommandLineW

api-ms-win-core-string-l1-1-0

CompareStringW

rpcrt4

RpcServerListen

api-ms-win-core-heap-l1-2-0

HeapFree

api-ms-win-core-localization-l1-2-1

LCMapStringW

api-ms-win-security-base-l1-2-0

GetLengthSid

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW

api-ms-win-core-heap-obsolete-l1-1-0

LocalFree

api-ms-win-core-sidebyside-l1-1-0

CreateActCtxW

api-ms-win-core-threadpool-private-l1-1-0

RegisterWaitForSingleObjectEx

ntdll

RtlCopySid

api-ms-win-core-delayload-l1-1-1

DelayLoadFailureHook

api-ms-win-core-crt-l1-1-0

memcpy

Sections

.MPRESS1
Size: 9KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b2701f0792d6313636b3e6d00c020161

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

api-ms-win-core-crt-l2-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-service-winsvc-l1-2-0

api-ms-win-service-core-l1-1-1

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-processenvironment-l1-2-0

api-ms-win-core-string-l1-1-0

rpcrt4

api-ms-win-core-heap-l1-2-0

api-ms-win-core-localization-l1-2-1

api-ms-win-security-base-l1-2-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-core-heap-obsolete-l1-1-0

api-ms-win-core-sidebyside-l1-1-0

api-ms-win-core-threadpool-private-l1-1-0

ntdll

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-crt-l1-1-0

Sections

.MPRESS1 Size: 9KB - Virtual size: 36KB

.MPRESS2 Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.MPRESS1
Size: 9KB - Virtual size: 36KB

.MPRESS2
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB