3d4de51975e8f74a522c819b609bf71a_JaffaCakes118

General

Target

3d4de51975e8f74a522c819b609bf71a_JaffaCakes118
Size

192KB
MD5

3d4de51975e8f74a522c819b609bf71a
SHA1

67b7cbb5d934f7602d7dceca5156e55fb49dee50
SHA256

9fb4848a582997c6ded0e6d5fb9ca20c55d7b168a8f6d6c46356b8a801131ab9
SHA512

34821c37727e8414f81a7041c6ccbb7ff90290910614847d23236f698523463e16d7d0d6e5c2dba5e895cd0cc1db52578744ca06a0b999a2cd0fe707788b86ca
SSDEEP

6144:fKJEN2vqDdWBHZXEG0vkIMsFaLwrNKFjI8vM:yAKyWHZwrN+m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d4de51975e8f74a522c819b609bf71a_JaffaCakes118

Files

3d4de51975e8f74a522c819b609bf71a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f16a1c49a574911c8a8fddb0871e4731

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
LCMapStringW
GetStringTypeA
ExitProcess
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
CloseHandle
CreateMutexA
GetModuleFileNameA
MultiByteToWideChar
GetLastError
GetOEMCP
GetACP
GetCPInfo
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
RtlUnwind
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetStringTypeW

user32

DispatchMessageA
TranslateMessage
GetMessageA

advapi32

RegQueryValueExA
RegCloseKey
SetServiceStatus
OpenServiceA
DeleteService
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
OpenSCManagerA
CloseServiceHandle
CreateServiceA
ChangeServiceConfig2A
RegOpenKeyExA

rpcrt4

NdrServerInitializeNew
NdrConvert
RpcRaiseException
I_RpcGetBuffer
RpcServerUseProtseqEpA
RpcServerRegisterIf
RpcServerListen

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f16a1c49a574911c8a8fddb0871e4731

Headers

File Characteristics

Imports

kernel32

user32

advapi32

rpcrt4

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 3KB