06ed9806870fd170d0f9568dd61b08f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06ed9806870fd170d0f9568dd61b08f6_JaffaCakes118
Size

140KB
MD5

06ed9806870fd170d0f9568dd61b08f6
SHA1

5cb9647204ad4787384681c2d42e43dfac54ea9d
SHA256

ce10b3fc39a81700d2065da24cdd1ef4231d319d8fbb77231f3a91dff9234006
SHA512

2f3b2840c3f24d9222b248a902507e9493dfce69af865a7f72a01d6f6d9f9fb9e4ec76b2801dc280231db642d95ea2ee7eda9161ebe7c7c8eace10a06e0dd212
SSDEEP

3072:7KUPNNI7XCRJuJvleNJxjcSR4zBZ7DhEZ+gZePB08pAopBKuy9:Zsd1le/B7uf7NvEQepopBKuy9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06ed9806870fd170d0f9568dd61b08f6_JaffaCakes118

Files

06ed9806870fd170d0f9568dd61b08f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e69395e38fa1cd3de20b1509a9e5348c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
OpenProcess
WriteFile
CreateFileA
GetProcAddress
LoadLibraryA
WinExec
GetModuleFileNameA
DuplicateHandle
GetVersionExA
SetFileTime
GetFileAttributesExA
GetStartupInfoA
GetModuleHandleA
CloseHandle
GlobalAlloc
GlobalLock
Sleep
GlobalUnlock
GlobalFree
GetLastError
GetSystemDirectoryA

user32

DispatchMessageA
GetDesktopWindow
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
PostQuitMessage

advapi32

RegOpenKeyExA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
StartServiceA
RegCloseKey
RegQueryValueExA
ConvertSidToStringSidA
LookupAccountNameA
GetUserNameA
OpenServiceA

shlwapi

SHDeleteKeyA
StrStrA
SHSetValueA

msvcrt

_exit
_strlwr
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
rand
srand
time
sprintf
strstr
_access
fclose
fflush
fwrite
fopen
??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3
_stricmp
_XcptFilter
exit
_acmdln
__getmainargs

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

dbghelp

ImageNtHeader

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e69395e38fa1cd3de20b1509a9e5348c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

version

dbghelp

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 108KB - Virtual size: 106KB

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 108KB - Virtual size: 106KB

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB