09a6e4c5ad32aa8788c2a91b6435a95a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09a6e4c5ad32aa8788c2a91b6435a95a_JaffaCakes118
Size

57KB
MD5

09a6e4c5ad32aa8788c2a91b6435a95a
SHA1

ddf4fdb809f9d359ceb343f54b340019ade31278
SHA256

f1c8a55d24209a5b0860496f53072d4b676e187cbc3f41f91b50ce1b02222471
SHA512

93cc61fa8b1bf9685a287cae3d035accb87cadeefc6cd49d93bdc653a04d52a4b0feed7f02a13dc19d67e6b7150f6b3cd3cdbe88d5d4698b9016ae4c7155c6c3
SSDEEP

1536:bi2WjncIgY+kWixKgek5weBSXtqle1T7wnAm:+2WTQazYgekBYXtqgBkF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09a6e4c5ad32aa8788c2a91b6435a95a_JaffaCakes118

Files

09a6e4c5ad32aa8788c2a91b6435a95a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c28c37093af0adb922247533c0473507

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ControlService
GetSecurityDescriptorControl
InitializeSecurityDescriptor
LockServiceDatabase
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
UnlockServiceDatabase

kernel32

CreateDirectoryA
CreateFileA
CreateFileMappingA
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FormatMessageA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetEnvironmentVariableA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetSystemDirectoryA
GetTempFileNameA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
GlobalReAlloc
GlobalUnlock
HeapCreate
HeapDestroy
InitializeCriticalSection
InterlockedCompareExchange
InterlockedIncrement
IsBadCodePtr
IsBadWritePtr
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalFree
MoveFileExA
QueryPerformanceCounter
RaiseException
ReadProcessMemory
ReleaseMutex
RemoveDirectoryA
SetEvent
SetFilePointer
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SystemTimeToFileTime
TlsAlloc
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualQuery
lstrlenA

user32

DestroyIcon
DestroyWindow
DrawTextA
FillRect
FindWindowA
GetDC
GetMenuItemCount
GetMessagePos
GetParent
GetWindowDC
IsWindowEnabled
LoadImageA
MapWindowPoints
MessageBoxA
MoveWindow
RegisterClipboardFormatA
RegisterWindowMessageA
SendDlgItemMessageA
SetCapture
SetRect
SetWindowLongA
SetWindowRgn
ShowWindow
TranslateMessage
UnregisterClassA
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c28c37093af0adb922247533c0473507

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 23KB - Virtual size: 24KB

.CRT Size: 13KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 24KB

.CRT
Size: 13KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB