Static task: static1
Behavioral task: behavioral1
  Sample: 17b2c54fb92ea8fbe01e05a13bc371a2_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 17b2c54fb92ea8fbe01e05a13bc371a2_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
General
Target: 17b2c54fb92ea8fbe01e05a13bc371a2_JaffaCakes118
Size: 114KB
MD5: 17b2c54fb92ea8fbe01e05a13bc371a2
SHA1: be884bb8a3fd7f5ed75be136e02135fd3f8e2615
SHA256: cc525aee573139342ef9219a9e6296d29836a15d7bd4041d1468d2d95c92d852
SHA512: ae4d3204f2c630379dcf6556f25051cf53ff6bb9bd4b25da5a0e77f1c10d2d988399f21477a28a091a2e90239a9aad3c839eb4bfea613e5c3376c1caf6770da0
SSDEEP: 1536:M55SSFJ6xyXKOswjceZYqN5PTWcM+fpfc/UMyGwIH2ejJGo:M5576xgK7WNTWEfpc/ULGwIH2ejJGo
Malware Config
Signatures
Unsigned PE: 1 IoCs
Checks for missing Authenticode signature.
Resource: 17b2c54fb92ea8fbe01e05a13bc371a2_JaffaCakes118
Files
17b2c54fb92ea8fbe01e05a13bc371a2_JaffaCakes118.exe windows:4 windows x86 arch:x86
7a2cc25a5184f5bbd40fb1c7e91776a1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SystemTimeToFileTime
LoadResource
FindResourceA
SetUnhandledExceptionFilter
Sleep
SizeofResource
GetCommandLineA
GetLocalTime
GetCurrentThreadId
GetStartupInfoA
GetModuleHandleA
FreeResource
MultiByteToWideChar
GetVersion
CreateRemoteThread
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
lstrcpyA
lstrcatA
GetCurrentThread
GetProcAddress
ResumeThread
GetWindowsDirectoryA
MoveFileExA
CopyFileA
DeleteFileA
GetCurrentProcessId
FreeLibrary
GetCurrentProcess
ExitProcess
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryA
ReleaseMutex
user32
GetMessageA
GetInputState
advapi32
LockServiceDatabase
UnlockServiceDatabase
StartServiceA
CloseServiceHandle
LookupPrivilegeValueA
OpenServiceA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
EqualSid
GetAce
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetFileSecurityA
GetUserNameA
msvcrt
_XcptFilter
_except_handler3
??3@YAXPAX@Z
strncmp
strtoul
isdigit
exit
??2@YAPAXI@Z
strstr
_exit
_strlwr
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
netapi32
NetApiBufferFree
NetUserGetLocalGroups
Sections
.1111 Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.22222 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 103KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ