35a2e5faa556bc1a1cee5e2eb3dc2728_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

35a2e5faa556bc1a1cee5e2eb3dc2728_JaffaCakes118
Size

176KB
MD5

35a2e5faa556bc1a1cee5e2eb3dc2728
SHA1

0c8f4fe8133d61503aa5dd471d0e5977e4617682
SHA256

e97b1aa10420569f4f0d3f25ff80efbbcc9af645cb959c27c151f0ed3b1632b1
SHA512

0a427853e3147156dc9f0f68e3e4f7c686880822ad96fce8321aaab34c05f5da51763952553c7a3e91415ef07b9bc8640e7cdce6ca201c8601716a5c19dc368d
SSDEEP

3072:qYCBP/zOlQ3qjUqSlWbKVW1gUzSwwwwwwwwwwwwwwwwwwww6TzB8Wp4xXN/f4BNx:qYgP7/3qjUqSlWbUW1TBNpO05nTX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35a2e5faa556bc1a1cee5e2eb3dc2728_JaffaCakes118

Files

35a2e5faa556bc1a1cee5e2eb3dc2728_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8dbea4d3728e952ab8c419b4df49f995

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
SetCurrentDirectoryA
GetCommandLineA
GetVersion
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
SetEnvironmentVariableA
VirtualFree
HeapFree
RtlUnwind
WriteFile
FlushFileBuffers
MultiByteToWideChar
LCMapStringA
LCMapStringW
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
GetFileAttributesA
SetStdHandle
SetFilePointer
GetStringTypeA
GetStringTypeW
WaitForSingleObject
GetExitCodeProcess
CreateToolhelp32Snapshot
Process32First
Module32First
Process32Next
GetCurrentProcess
GetLastError
OpenProcess
OpenEventA
SetEvent
Sleep
TerminateProcess
CreateProcessA
CloseHandle
HeapCreate
GetModuleFileNameA

user32

EnumWindows
SendNotifyMessageA
GetWindowThreadProcessId

advapi32

RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ControlService
StartServiceA
QueryServiceStatus
OpenServiceA
DeleteService
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegSetValueExA

shell32

ShellExecuteExA

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tojhhit
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8dbea4d3728e952ab8c419b4df49f995

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 49KB - Virtual size: 77KB

tojhhit Size: 68KB - Virtual size: 68KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 49KB - Virtual size: 77KB

tojhhit
Size: 68KB - Virtual size: 68KB