3a8f99b3a2903abce3111596e170a700_JaffaCakes118

General

Target

3a8f99b3a2903abce3111596e170a700_JaffaCakes118
Size

56KB
MD5

3a8f99b3a2903abce3111596e170a700
SHA1

2529cefb0222f9796aa86f5ca60077b709c344a9
SHA256

c57ff313367c4fe61246d9751384751233bace582f235914ee7a62378073a3a9
SHA512

eb1d3626c5d3e75a4e606315b1dcaee4323c812f948c085088995d5b6cf5cd3a6259f8522442b39b004aad3b9cf128f979d1e22784f0341d1f259d2847b5b84e
SSDEEP

768:OI9GppBqTmDUUk+Q8MhY5yoHhKVZgMUjcBHzTMJ8zjsXBC5ITxCq6GDKGqxvi2jM:OOx+Q8ntHhQiGBPeiSg52QH502jM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a8f99b3a2903abce3111596e170a700_JaffaCakes118

Files

3a8f99b3a2903abce3111596e170a700_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a516731c5ac28b183f6f46572dc625dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
GetCurrentProcessId
Process32First
CreateToolhelp32Snapshot
GetSystemTime
SetFileAttributesA
Sleep
WinExec
CloseHandle
WriteFile
OpenProcess
lstrcpyA
CreateProcessA
MoveFileA
CopyFileA
GetCommandLineA
GetStartupInfoA
GetLastError
lstrcatA
TerminateProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
DeleteFileA
GetModuleFileNameA
GetCurrentProcess
GetWindowsDirectoryA
CreateFileA
GetModuleHandleA
ExitProcess
HeapFree
ReadFile
HeapAlloc
GetProcessHeap
GetFileSize
GetLocalTime
lstrlenA
WritePrivateProfileStringA
GetPrivateProfileStringA
SetFilePointer
lstrcmpiA

user32

wsprintfA
CharUpperBuffA
MessageBoxA

advapi32

AdjustTokenPrivileges
SetServiceStatus
OpenSCManagerA
OpenServiceA
CreateServiceA
CloseServiceHandle
ChangeServiceConfigA
ChangeServiceConfig2A
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenProcessToken
LookupPrivilegeValueA
StartServiceA

psapi

GetModuleFileNameExA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a516731c5ac28b183f6f46572dc625dc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

psapi

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB