41816d666f3cf3171936b4d4d9442d1b_JaffaCakes118

General

Target

41816d666f3cf3171936b4d4d9442d1b_JaffaCakes118
Size

277KB
MD5

41816d666f3cf3171936b4d4d9442d1b
SHA1

fab8a0c1c0e753e44d294d16f49b708c48787461
SHA256

1555861fbd0dda57961a4889ade46cae5cdafb121a393bedc117bbafe6ed757a
SHA512

cf438e7f7ff5343bc5b085d1b862393e75661d0997ada84c6b66f1cfcc9187a0492146316f556afaffa86c6549822aed01f9391b198da992ca23364e6e1d3fcb
SSDEEP

3072:a/faL5aayN/ltorsh1f3oVoVV1JYXgD7oVV1JF+W9UebZPQpowY2+2G5aZiCB9+H:xEN9z1fR+XdU0PQDjZiCB3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41816d666f3cf3171936b4d4d9442d1b_JaffaCakes118

Files

41816d666f3cf3171936b4d4d9442d1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ea450a4a89322f975f69bbb9d154da6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
WinExec
GetVersionExA
OpenMutexA
SetProcessAffinityMask
GetProcessAffinityMask
GetCurrentProcess
FreeLibrary
GlobalFree
LoadLibraryExA
GlobalAlloc
GetModuleHandleA
HeapFree
HeapAlloc
GetProcessHeap
GetTickCount
DeleteFileA
CopyFileA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
SetCurrentDirectoryA
GetLastError
GetFileTime
SetFileTime
GetSystemDirectoryA
CreatePipe
ReadFile
GetLocalTime
GetTimeFormatA
OutputDebugStringA
CreateFileA
SetFilePointer
ExitProcess
CreateProcessA
GetStartupInfoA
Thread32Next
GetCurrentThreadId
SuspendThread
Thread32First
CreateToolhelp32Snapshot
Process32Next
Process32First
RtlUnwind
GetCommandLineA
GetVersion
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException
SetStdHandle
FlushFileBuffers
WriteFile
CloseHandle

advapi32

LookupPrivilegeValueA
RegCreateKeyA
StartServiceA
QueryServiceStatus
EnumDependentServicesA
ControlService
OpenProcessToken
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
CloseServiceHandle
RegOpenKeyExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ea450a4a89322f975f69bbb9d154da6

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 48KB - Virtual size: 46KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 216KB - Virtual size: 215KB

.text
Size: 48KB - Virtual size: 46KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 216KB - Virtual size: 215KB