Static task: static1
Behavioral task: behavioral1
Sample: 387547281169992f2bdd32de40b7c15b_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 387547281169992f2bdd32de40b7c15b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 387547281169992f2bdd32de40b7c15b_JaffaCakes118
Size: 122KB
MD5: 387547281169992f2bdd32de40b7c15b
SHA1: 1396d402c1f8abad0435a8c97398d86e1e1a596e
SHA256: d5914368b0c27374dbb99d1f0b79940d7319f740a5f0b768f5c65c4b4987f6c3
SHA512: 5f1077ff72aeb6fd874fdaaf24e731d8b15a1024cb1c7e84a0f0ab60504f1a0b9b3359127ffc45ff87993b8c4aa625474db1b0d1d290b6a088330482c5d1539d
SSDEEP: 768:bvpxI1wcOeFb712yFoFXL63yzKSlgS0EQcOoETj2xcKeJ4+rw0tayuN+8ol73U9k:NxQz3DSFXL6CztlsyEfJ4+rgfNkxEOiu
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 387547281169992f2bdd32de40b7c15b_JaffaCakes118
Files
387547281169992f2bdd32de40b7c15b_JaffaCakes118.exe windows:4 windows x86 arch:x86
e6e81ce43232689503e5854ae54a7f21
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WaitForSingleObject
DeleteFileA
CreateEventA
GetLastError
ReadFile
GetFileSize
DeviceIoControl
ExpandEnvironmentStringsA
FreeLibrary
SetEvent
WaitForMultipleObjects
CopyFileA
HeapFree
HeapAlloc
GetProcessHeap
TerminateProcess
GetSystemDirectoryA
LoadLibraryA
Process32First
Process32Next
CreateToolhelp32Snapshot
Module32First
Module32Next
SetFileAttributesA
GetCurrentProcess
GetFileAttributesA
SetFilePointer
WriteFile
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleHandleA
GetProcAddress
GetStartupInfoA
CreateProcessA
CreateFileA
CloseHandle
GlobalFindAtomA
GlobalAddAtomA
GetTickCount
CreateDirectoryA
Sleep
user32
CopyIcon
LoadCursorA
SetSystemCursor
advapi32
RegQueryValueExA
GetAclInformation
GetLengthSid
InitializeAcl
AddAce
GetAce
EqualSid
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetFileSecurityA
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
StartServiceA
RegOpenKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitializeSecurityDescriptor
GetFileSecurityA
LookupAccountNameA
GetSecurityDescriptorDacl
ntdll
RtlUnwind
_chkstk
strstr
sprintf
_stricmp
_strcmpi
msvcrt
_XcptFilter
__p__commode
_adjust_fdiv
__setusermatherr
_controlfp
__set_app_type
free
malloc
fclose
_beginthreadex
fscanf
fopen
_exit
_initterm
exit
_acmdln
__getmainargs
__p__fmode
Sections
VL�Y��� Size: 118KB - Virtual size: 118KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE