31b9647ab8eaef2dea39c70d06546502_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31b9647ab8eaef2dea39c70d06546502_JaffaCakes118
Size

281KB
MD5

31b9647ab8eaef2dea39c70d06546502
SHA1

93ca499864ab90663937cdf768a9362bdcf2d445
SHA256

4e884644556b9ed4015ab52fda1275b7fc15c5eed8ff595f685654cfeb9b3d63
SHA512

7d7132b2ae9f591068fb32be896d0042536a1c24c82038d6a243d6167adf6247f252d9ec23f65b7e66bb4ea1af89e362ceccb85f80f9e217539ad200f926af35
SSDEEP

6144:lMipEVsp0lVNpRXKjxJDM4+6UVg5foVF5yCoEg3R+6CD:CfVqYfKjxJDMGUV2fWKagY6CD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31b9647ab8eaef2dea39c70d06546502_JaffaCakes118

Files

31b9647ab8eaef2dea39c70d06546502_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21c6da6c09330eb653569242d1c7a7d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
QueryServiceConfig2A
RegCloseKey
RegDeleteKeyA
RegQueryValueA
StartServiceA
StartServiceCtrlDispatcherA
UnlockServiceDatabase

kernel32

CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
DeleteCriticalSection
DeleteFileA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FreeLibrary
GetCPInfo
GetCommandLineA
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDriveTypeA
GetExitCodeProcess
GetFileAttributesA
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetOEMCP
GetPrivateProfileSectionNamesA
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempFileNameA
GetTimeZoneInformation
GetWindowsDirectoryA
GlobalHandle
GlobalUnlock
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsBadWritePtr
LeaveCriticalSection
LoadResource
LocalFree
LockResource
MapViewOfFile
Module32First
MoveFileA
MoveFileExA
MulDiv
MultiByteToWideChar
OutputDebugStringA
RaiseException
ReadProcessMemory
RemoveDirectoryA
SearchPathA
SetErrorMode
SetLastError
SetPriorityClass
SetStdHandle
SetThreadPriority
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualQuery
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

CharLowerA
CharNextA
CharPrevA
CharUpperA
CheckRadioButton
DestroyIcon
DispatchMessageA
DrawIcon
DrawTextA
EnableMenuItem
EndDialog
GetCursorPos
GetDlgCtrlID
GetDlgItemTextA
GetKeyState
GetMessagePos
GetWindowDC
IsRectEmpty
IsWindow
MessageBoxA
PeekMessageA
PtInRect
SendDlgItemMessageA
SetFocus
SetWindowLongA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 231KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21c6da6c09330eb653569242d1c7a7d7

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 26KB - Virtual size: 28KB

.INIT Size: 231KB - Virtual size: 2.8MB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 28KB

.INIT
Size: 231KB - Virtual size: 2.8MB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 4KB