06ee7dc1d75ff960334d0b22393ef2f8_JaffaCakes118

General

Target

06ee7dc1d75ff960334d0b22393ef2f8_JaffaCakes118
Size

14KB
MD5

06ee7dc1d75ff960334d0b22393ef2f8
SHA1

b721970e4ab0949db982c5169893efcf1816827a
SHA256

1c4627e227635ec52282f67cdc15668c5949027991a207e871fb48ad1523878a
SHA512

72344c240cdfef27f3db2e62a56453b256382006e021f2a11d5659d598674d87c9792600651157c678de3ac4cd2910cfa8aaa60d02d9ecd705c2c2021f92331e
SSDEEP

192:o0XCisjggxILZWosPjFB6kV+pPOKe4cUEtkL9rtrLk5yNYc0kl6g/IkQ+IW5/f:ouhsJB6kiIDBtkfkzch/2+IW5/f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06ee7dc1d75ff960334d0b22393ef2f8_JaffaCakes118

Files

06ee7dc1d75ff960334d0b22393ef2f8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c5ed6a320aa14c6e9e5e159d61845982

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_adjust_fdiv
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_stricmp
__getmainargs
_initterm
__p___initenv
_XcptFilter
_exit
exit

advapi32

RegCloseKey
RegQueryValueExA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
RegOpenKeyExA

kernel32

GetProcAddress
LoadLibraryExA
EnterCriticalSection
InitializeCriticalSection
GetCurrentProcessId
CreateThread
GetModuleHandleA
LocalAlloc
SetErrorMode
Sleep
DeleteCriticalSection
FreeLibrary
SetEvent
CloseHandle
CreateEventA
GetLastError
LocalFree
lstrcmpiA
LoadLibraryA
GetVersionExA
SetLastError
LeaveCriticalSection

user32

DispatchMessageA
wsprintfA
MsgWaitForMultipleObjects
GetMessageA
TranslateMessage
DefWindowProcA
CreateWindowExA
RegisterClassA

ole32

CoInitializeEx
CoUninitialize

iisrtl

_PuInitiateDebug@0
PuDeleteDebugPrintsObject
PuDbgPrint
PuCreateDebugPrintsObject
_PuUninitiateDebug@0

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c5ed6a320aa14c6e9e5e159d61845982

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ole32

iisrtl

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 300B

.rsrc Size: 2KB - Virtual size: 26KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 300B

.rsrc
Size: 2KB - Virtual size: 26KB