3dcaa3b739dbd29cb65baedfbbc3291a_JaffaCakes118

General

Target

3dcaa3b739dbd29cb65baedfbbc3291a_JaffaCakes118
Size

44KB
MD5

3dcaa3b739dbd29cb65baedfbbc3291a
SHA1

e757dcdaaea791dcc39cc2f75a22a17b5aeab2a1
SHA256

674e93266c4fa5ae20fc636fabf1027cae94243373f34870d5d27109224fd51e
SHA512

cbe827b4be0e3c256a3de176264ee5d402780d6359ff8657dded7dc05d76689ba9544ee2dec97dabaf32aff5a023684aad3fcfa7c77ec9bca8aa7e565e91bd7b
SSDEEP

384:FlffABi7kycVQhi5IRMsvMb0zr0OSc7PRlbGIRZ7qkyGleKllv/MLN9YvMlX:FR4BiYyC9IejwzrmUyiZ7qkyor9MOUl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dcaa3b739dbd29cb65baedfbbc3291a_JaffaCakes118

Files

3dcaa3b739dbd29cb65baedfbbc3291a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e2d947cc63f0616f53d32d2ac9d6605

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Dev\Desktop\tool\tool\Release\tool.pdb

Imports

kernel32

GetWindowsDirectoryA
GetSystemDirectoryA
CopyFileA
GetLastError
DeleteFileA
ExitProcess
GetModuleHandleA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
FlushFileBuffers
SetFilePointer
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GetStringTypeA
GetStringTypeW
HeapSize
SetStdHandle
CloseHandle

advapi32

CreateServiceA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CloseServiceHandle

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e2d947cc63f0616f53d32d2ac9d6605

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 7KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 7KB