3159d9c340589d948865ff03b42dcb88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3159d9c340589d948865ff03b42dcb88_JaffaCakes118
Size

60KB
MD5

3159d9c340589d948865ff03b42dcb88
SHA1

c8368f2fc0c80d05ec65463a851d78aac147804f
SHA256

c77317e5efa3134e56b66c8056a2a1dc4051ea2b6615bab12d1f101f4235351f
SHA512

26e610fddb30388a3619a293b79e052d5d9bf5b589a265837002994deed953616bb31d44beb4fbb26821780bdb1e2f67083b894e0388c646f3bf0ffd62c7ac49
SSDEEP

768:nl0pmCgZKH0CtjoNMNQ75/Oa+KRtJlBOKpVVvBnteuR7tLNer:l06O0CtjowQ7pJlBOKpL+uhtLO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3159d9c340589d948865ff03b42dcb88_JaffaCakes118

Files

3159d9c340589d948865ff03b42dcb88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8ea3f36ec00e78735bcb2ca0c51c479

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GetModuleFileNameA
GetModuleHandleA
MoveFileExA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
GetOEMCP
GetACP
CreateThread
GetDiskFreeSpaceA
Sleep
LoadLibraryA
GetProcAddress
GetLogicalDrives
GetLastError
OpenMutexA
CloseHandle
GetWindowsDirectoryA
GetFileAttributesA
SetFileAttributesA
SetLastError
GetCPInfo
FlushFileBuffers
SetStdHandle
WriteFile
RtlUnwind
WaitForSingleObject
ResetEvent
CreateEventA
DeviceIoControl
ReadFile
SetFilePointer
CreateFileA
GetDriveTypeA
GetVersionExA
FreeLibrary
HeapAlloc
GetCommandLineA
GetVersion
ExitProcess
HeapFree
TerminateProcess
GetCurrentProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA

user32

UnregisterDeviceNotification
MessageBoxA
SendInput
RegisterDeviceNotificationA

advapi32

SetServiceStatus
StartServiceCtrlDispatcherA
CreateServiceA
OpenSCManagerA
OpenServiceA
DeleteService
CloseServiceHandle
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegisterServiceCtrlHandlerExA

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8ea3f36ec00e78735bcb2ca0c51c479

Headers

File Characteristics

Imports

kernel32

user32

advapi32

setupapi

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 920B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 920B