448c570fd0e9997f972e87d7cd683f10_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

448c570fd0e9997f972e87d7cd683f10_JaffaCakes118
Size

176KB
MD5

448c570fd0e9997f972e87d7cd683f10
SHA1

5acdeed014ffe4bb0ae83b33544cf4c78f555827
SHA256

9649952d02df806d09d2bef10dc5f411295bfa65a07aa22938f68d13daf61619
SHA512

b30c0701c04718a6def92f5f573f89a7d8c6b66c02edd930de491fb0b40e4c27c33795dc3203d7affde30fbd3c9212fb69422e4fb6f897c954d6376b3712a193
SSDEEP

3072:vzN+CzGgHAszdh9gqeN3kG0c2JZwK2fvf:vzNngI9gqeN3kG0ORvf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
448c570fd0e9997f972e87d7cd683f10_JaffaCakes118

Files

448c570fd0e9997f972e87d7cd683f10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84f4c586ab29e69cffb1c1bf19533278

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
FreeLibrary
TerminateProcess
WaitForSingleObject
CreateProcessA
GetVersionExA
GetModuleFileNameA
Sleep
GetFileAttributesExA
DuplicateHandle
GetCurrentProcess
OpenProcess
WriteFile
GetStartupInfoA
GetModuleHandleA
WinExec
LoadLibraryA
GetProcAddress
CreateFileA
GetSystemDirectoryA
CloseHandle
GetLastError
SetFileTime

user32

PostQuitMessage
DefWindowProcA
TranslateMessage
GetDesktopWindow
DispatchMessageA
RegisterWindowMessageA
SendMessageTimeoutA
GetMessageA
GetClassNameA
PostMessageA
EnumChildWindows
GetWindowThreadProcessId
EnumWindows
ShowWindow
CreateWindowExA
RegisterClassExA

advapi32

RegOpenKeyExA
CreateServiceA
StartServiceA
OpenServiceA
DeleteService
ConvertSidToStringSidA
LookupAccountNameA
GetUserNameA
RegCloseKey
RegQueryValueExA
OpenSCManagerA
CloseServiceHandle

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoUninitialize

oleaut32

SysFreeString
VariantClear

shlwapi

SHGetValueA
SHSetValueA

msvcrt

fclose
_stricmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
time
srand
__CxxFrameHandler
strstr
strchr
atoi
wcslen
??2@YAPAXI@Z
??3@YAXPAX@Z
fopen
fwrite
fflush
_strlwr
sprintf
_access
rand

dbghelp

ImageNtHeader

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

odata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ndata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84f4c586ab29e69cffb1c1bf19533278

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcrt

dbghelp

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 120KB - Virtual size: 117KB

odata Size: 4KB - Virtual size: 4B

ndata Size: 4KB - Virtual size: 4B

mdata Size: 4KB - Virtual size: 4B

edata Size: 4KB - Virtual size: 4B

cdata Size: 4KB - Virtual size: 4B

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 120KB - Virtual size: 117KB

odata
Size: 4KB - Virtual size: 4B

ndata
Size: 4KB - Virtual size: 4B

mdata
Size: 4KB - Virtual size: 4B

edata
Size: 4KB - Virtual size: 4B

cdata
Size: 4KB - Virtual size: 4B

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB