39409187f303c8130f3ae8f742954fd2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39409187f303c8130f3ae8f742954fd2_JaffaCakes118
Size

1.2MB
MD5

39409187f303c8130f3ae8f742954fd2
SHA1

b67691e3c242fb598ae926f42d30a78e6dc960ec
SHA256

8ad00861c70407272085c19305e15dc94309cfb5108e2156f3306a1b1ae97abf
SHA512

352b490d02d14afebca6f055fafde6f70f4066519c8a7a6cb0bb86ed13ca1960fd70dc8e204f7704d6c560df1565bb1aa4b097506354f80e995bab7563e5dec8
SSDEEP

12288:Ve9SZKSUbJZK3H74VL0hObrMJ+AN3jxvYggYjqUn78VB3U2CXCUmUE2SVqbcxpdL:Vsr++SNv3n76hCXCPXAbcRGYsE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39409187f303c8130f3ae8f742954fd2_JaffaCakes118

Files

39409187f303c8130f3ae8f742954fd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a86cf16aeb73bc296e4965d2d0b40e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetShareDel
NetShareAdd

kernel32

FileTimeToLocalFileTime
FindFirstFileA
TerminateProcess
OpenProcess
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
MultiByteToWideChar
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
LockResource
SizeofResource
FileTimeToSystemTime
FindResourceA
GetModuleHandleA
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
CreatePipe
DeleteFileA
ExpandEnvironmentStringsA
GetDiskFreeSpaceExA
GetModuleFileNameA
SetEndOfFile
ReadFile
CreateFileA
GetFileAttributesA
FindNextFileA
GetLastError
FindClose
SetCurrentDirectoryA
Sleep
AllocConsole
GetStdHandle
SetConsoleCtrlHandler
GetVersionExA
SetEnvironmentVariableA
GetCurrentDirectoryA
LoadResource
GetStringTypeW
GetStringTypeA
HeapFree
HeapAlloc
SetStdHandle
GetFileType
RtlUnwind
ExitProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
WriteFile
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW

advapi32

ControlService
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
EnumServicesStatusA
DeleteService
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteA

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a86cf16aeb73bc296e4965d2d0b40e4

Headers

File Characteristics

Imports

netapi32

kernel32

advapi32

shell32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 23KB

.rsrc Size: 3.6MB - Virtual size: 3.6MB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 23KB

.rsrc
Size: 3.6MB - Virtual size: 3.6MB