1982c5ab9f07026348633c2618b9868a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1982c5ab9f07026348633c2618b9868a_JaffaCakes118
Size

364KB
MD5

1982c5ab9f07026348633c2618b9868a
SHA1

a0592bbbeef24fff31e1d0322af045b84a442a39
SHA256

f910581d1a3d657e5b8f71460cdf078ffc249254b7bb831a60bea4911bfd5b3b
SHA512

e12f8fd7e68b0139321636732737f801029fec57d4014e118e032f0ed2bcecaedefda757f45d478e87995ac6a9c31e25bd2fb330378cda3237efd9309f8b73b3
SSDEEP

6144:vkujlPsSgxJAFr2n+BqTa1zHOgyog52/p1oja2tK/1UMigKYKA3F7ZzYnzK5HG7d:MuBsjA55X/cPtK/1UNYKAtZ0YWd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1982c5ab9f07026348633c2618b9868a_JaffaCakes118

Files

1982c5ab9f07026348633c2618b9868a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cff4d613cb4bafdb61c30a49c4be98cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathA

iphlpapi

GetAdaptersInfo

user32

ExitWindowsEx
wsprintfA

psapi

GetModuleFileNameExA

shlwapi

StrStrIA

kernel32

GetProcAddress
LoadLibraryA
MultiByteToWideChar
Process32Next
TerminateProcess
OpenProcess
lstrcmpA
Process32First
CreateToolhelp32Snapshot
GetTickCount
GetSystemDirectoryA
GetDriveTypeA
ExitProcess
MoveFileA
CopyFileA
ReadProcessMemory
VirtualQueryEx
GetSystemInfo
WriteFile
GetFileAttributesA
lstrcpynA
GetShortPathNameA
GetTempFileNameA
GetWindowsDirectoryA
SetEndOfFile
SetFilePointer
GetFullPathNameA
Thread32Next
SuspendThread
OpenThread
Thread32First
GetVersionExA
RemoveDirectoryA
lstrlenA
DuplicateHandle
ReadFile
UnmapViewOfFile
lstrcatA
CreateFileMappingA
FreeResource
VirtualFree
VirtualAlloc
LockResource
LoadResource
GetModuleHandleA
TerminateThread
FindResourceA
FreeLibrary
GetModuleFileNameA
GetLocalTime
WritePrivateProfileStringA
GetPrivateProfileStringA
WideCharToMultiByte
SizeofResource
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetTempPathA
ReleaseMutex
CreateMutexA
SetConsoleTitleA
GetCurrentProcessId
GetCurrentDirectoryA
lstrlenW
WaitForSingleObject
DeviceIoControl
GetDiskFreeSpaceA
GetFileType
QueryDosDeviceA
GetLogicalDriveStringsA
lstrcmpiA
GetExitCodeThread
CreateThread
lstrcmpW
lstrcpyA
CreateFileA
SetFileAttributesA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
GetVolumeInformationA
GetFileSize
VirtualProtectEx
GetCurrentProcess
CloseHandle
Sleep
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
SetEnvironmentVariableA
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
MapViewOfFile
CompareStringW
CompareStringA
GetLocaleInfoA
IsBadCodePtr
RtlUnwind
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
RaiseException
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
GetStartupInfoA
QueryPerformanceCounter
GetCurrentThreadId
InterlockedExchange
VirtualQuery
HeapDestroy
HeapCreate
IsBadWritePtr
FlushFileBuffers
VirtualProtect
GetACP
GetOEMCP
GetCPInfo
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetExitCodeProcess
CreateProcessA
IsBadReadPtr

advapi32

ControlService
DeleteService
OpenServiceA
OpenSCManagerA
CreateServiceA
RegCreateKeyA
CloseServiceHandle
RegDeleteValueA
RegSetValueA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegGetKeySecurity
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetAclInformation
GetAce
IsValidSid
LookupAccountSidA
GetSecurityDescriptorDacl
GetFileSecurityA
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
SHFileOperationA
ShellExecuteA

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cff4d613cb4bafdb61c30a49c4be98cc

Headers

File Characteristics

Imports

shfolder

iphlpapi

user32

psapi

shlwapi

kernel32

advapi32

shell32

Sections

.text Size: 204KB - Virtual size: 202KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 32KB - Virtual size: 98KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 204KB - Virtual size: 202KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 32KB - Virtual size: 98KB

.rsrc
Size: 48KB - Virtual size: 47KB