19bd6077eafbef0e7dba2ae3e30dcd07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19bd6077eafbef0e7dba2ae3e30dcd07_JaffaCakes118
Size

70KB
MD5

19bd6077eafbef0e7dba2ae3e30dcd07
SHA1

d9a7454d6b4b46a588f1d4f8b6dbdcca1b87f622
SHA256

c376e048262a325d32549b53a06599c5bf0f981d3e729d8563b27156601e9eec
SHA512

1bad7dee90dca2be966910619b6bcd5aaadb5a5c4dd3c57725f469f263ca73bb49aa2b8e83e58f8d8f5c2fed7a2f2d316263160bfc0693f58c86d8c6623d92ba
SSDEEP

768:JvaMmL4x3TNJsv3qbkm2QBXCO257Tg54OtsMtbwPqPLsyCTIbea7D57ap85nVk9:FuokLr57TCHFwiPLycbea7tamk9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19bd6077eafbef0e7dba2ae3e30dcd07_JaffaCakes118

Files

19bd6077eafbef0e7dba2ae3e30dcd07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8d9086770d52af16d3705dd3ac9f0a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfig2A
ControlService
FreeSid
LookupAccountSidA
LookupPrivilegeValueA
OpenProcessToken
QueryServiceStatus
RegCreateKeyExA
RegEnumValueA
RegSetValueExA

kernel32

AddAtomA
CloseHandle
CompareStringA
ContinueDebugEvent
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
DisableThreadLibraryCalls
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FindClose
FreeLibrary
GetACP
GetCommandLineA
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetOEMCP
GetProcessHeap
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalFree
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
IsValidCodePage
LoadLibraryA
LoadResource
LocalFree
Module32Next
MulDiv
MultiByteToWideChar
OpenEventA
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetHandleCount
SetLastError
SetStdHandle
Sleep
SuspendThread
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualQuery
WaitForSingleObject
lstrcmpiA
lstrcpyA

user32

CheckMenuItem
CopyRect
CreateWindowExA
DialogBoxParamA
EnableWindow
GetClassNameA
GetClientRect
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetMenuItemCount
GetMessageA
GetParent
GetSysColorBrush
GetWindowRect
GetWindowTextLengthA
InvalidateRect
IsWindow
LoadIconA
MessageBoxA
PostQuitMessage
PtInRect
RegisterWindowMessageA
ScreenToClient
SendDlgItemMessageA
SetCapture
SetDlgItemInt
TrackPopupMenu
UnhookWindowsHookEx

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

vpdcr
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

bmnvc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8d9086770d52af16d3705dd3ac9f0a4

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 32KB - Virtual size: 36KB

.bss Size: 14KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

vpdcr Size: 1KB - Virtual size: 4KB

bmnvc Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 36KB

.bss
Size: 14KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

vpdcr
Size: 1KB - Virtual size: 4KB

bmnvc
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB