1647d85764d17c670cb10733a0886a26_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1647d85764d17c670cb10733a0886a26_JaffaCakes118
Size

71KB
MD5

1647d85764d17c670cb10733a0886a26
SHA1

4de73bea5dfa5fe72e021499a74255d511d8e32e
SHA256

ce002c89a4d8eaa13cdedcaf11576548b7ceaa10fa1d3b77308f60bc69755ea7
SHA512

4b94f2322d69586771eccbeaf6995139656a2cd660ac13f4bfb9db1c4b0675ed092fc7a0834909ed6eda9d14c92775d24fb2c29ab57d7b3131a07be5e9fbe5e8
SSDEEP

1536:xPs7w3ffn/8SzjObxRWwjH3p2lZ6eZYB33COzguejkT:T3fX8/bxbj0hw3CkYjkT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1647d85764d17c670cb10733a0886a26_JaffaCakes118

Files

1647d85764d17c670cb10733a0886a26_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c73c214268566487b8e4d800118a009

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
ChangeServiceConfig2A
CloseServiceHandle
GetUserNameA
OpenProcessToken
RegDeleteKeyA
RegQueryValueA
SetServiceStatus
StartServiceA

kernel32

CloseHandle
ContinueDebugEvent
CopyFileA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
DeleteCriticalSection
DisableThreadLibraryCalls
EnumSystemLocalesA
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FindClose
FindNextFileA
FormatMessageA
GetConsoleCP
GetCurrentThread
GetDateFormatA
GetEnvironmentStringsA
GetFileSize
GetFileTime
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcAddress
GetShortPathNameA
GetStringTypeA
GetSystemInfo
GetTimeFormatA
GetVersion
GetVersionExA
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadWritePtr
IsDebuggerPresent
LoadLibraryA
LoadLibraryExA
LocalFree
MoveFileA
MoveFileExA
MultiByteToWideChar
OutputDebugStringA
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryA
ResetEvent
RtlUnwind
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetLastError
SetPriorityClass
SuspendThread
TlsAlloc
TlsFree
UnhandledExceptionFilter
VirtualFree
VirtualProtect
WaitForSingleObject
WritePrivateProfileStringA

user32

BeginPaint
CharLowerA
CheckMenuItem
DispatchMessageA
DrawFocusRect
DrawTextA
EndDialog
FindWindowA
GetDC
GetFocus
GetMessageA
GetProcessWindowStation
GetSysColorBrush
GetWindowDC
GetWindowRect
InvalidateRect
KillTimer
LoadIconA
LoadStringA
MessageBoxA
PeekMessageA
RegisterClassA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SystemParametersInfoA
TranslateMessage
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ugpul
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ueduu
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c73c214268566487b8e4d800118a009

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 32KB - Virtual size: 36KB

.bss Size: 16KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

ugpul Size: 512B - Virtual size: 4KB

ueduu Size: 1KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 36KB

.bss
Size: 16KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

ugpul
Size: 512B - Virtual size: 4KB

ueduu
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB