296623e043c67a9dbf67ff3244cfa23c_JaffaCakes118

General

Target

296623e043c67a9dbf67ff3244cfa23c_JaffaCakes118
Size

46KB
MD5

296623e043c67a9dbf67ff3244cfa23c
SHA1

9f62a3792a20f4133abeeb2cc823bf7f4a534237
SHA256

51d0b51ba05bf8701ceea85c4be0f9c34e232d6d34af4516613dec64a48241b1
SHA512

f682daa11df9dfb761b8a0ae34ce92a8d9409e3db12b958fa23875ce1bf02c17e06059688801a7f1af4f0a7e0459dfb0804ca2f104de02734ce1f96c671eac65
SSDEEP

768:FYhok54gdeTpU7p3gQMZZRsqUWi1sfylcC/1GFObh2T0mzEkQAkDjoM4P5ubTm:sagdmplQMzRsqN0cCSc0Q5DAujacbq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
296623e043c67a9dbf67ff3244cfa23c_JaffaCakes118

Files

296623e043c67a9dbf67ff3244cfa23c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c85656d4eb967bac7b1b4f6510d3f0c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
StartServiceA
OpenServiceA
OpenSCManagerA
CreateServiceA
ControlService
DeleteService

shell32

ShellExecuteA

imagehlp

CheckSumMappedFile

kernel32

GetVersionExA
VirtualAlloc
VirtualFree
LocalFree
CloseHandle
LocalAlloc
ReadFile
SetFilePointer
CreateFileA
WriteFile
GetFileSize
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetLastError
DeleteFileA
GetTempPathA
ExitProcess
GetModuleFileNameA
IsBadReadPtr
GetModuleHandleA
GetProcAddress
CreateProcessA
ReadProcessMemory
GetCurrentProcess
Sleep
LoadLibraryA
WriteProcessMemory
VirtualFreeEx
VirtualAllocEx
CreateThread
CreateDirectoryA
GetSystemDirectoryA
OpenFile
FindNextFileA
FindFirstFileA
DeviceIoControl
WinExec
CopyFileA
lstrcatA
lstrcpyA
OutputDebugStringA

user32

wsprintfA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c85656d4eb967bac7b1b4f6510d3f0c1

Headers

File Characteristics

Imports

advapi32

shell32

imagehlp

kernel32

user32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B