4671c7c426c5db19f9cafcc030168780_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4671c7c426c5db19f9cafcc030168780_JaffaCakes118
Size

59KB
MD5

4671c7c426c5db19f9cafcc030168780
SHA1

08696f05165b88e01142030729e88371b4450860
SHA256

724a32f28a7a460b25295aacee4f1c02bea20c4a61f1ff7b5c2b6fa558042714
SHA512

6e9b9ce27bc69d24d2ecd3fc3cc5a729c0d619b92229a0f036744922370134afc97b583968fb735d4257a9bae5a2d1b4298ed3349011f587dc0756181f59df47
SSDEEP

768:pJRlA42Uc3mXFx53cQwy6P9cK4M7zkQ+Au67k0NfqjzpmtokoDgSdgUrM0f:MeF33PwFpHkXz67k4fqZmto4Sm0f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4671c7c426c5db19f9cafcc030168780_JaffaCakes118

Files

4671c7c426c5db19f9cafcc030168780_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d6d0a1fa53773198360f9f58ea1f9de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetTokenInformation
QueryServiceStatus
RegDeleteKeyA
RegOpenKeyA
RegQueryInfoKeyA
RegSetValueExA
SetSecurityDescriptorDacl
StartServiceA

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateMutexA
CreateProcessA
CreateThread
DisableThreadLibraryCalls
EnumSystemLocalesA
ExitProcess
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetCPInfo
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDriveTypeA
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionNamesA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GlobalFree
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedIncrement
IsBadReadPtr
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
Module32First
MoveFileA
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ResumeThread
SearchPathA
SetCurrentDirectoryA
SetEndOfFile
SetFileAttributesA
SetFilePointer
SetLastError
SetPriorityClass
SetStdHandle
SetThreadPriority
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TlsFree
TlsGetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WriteConsoleA
WriteFile
lstrcmpiA

user32

CharLowerA
CheckDlgButton
CreateDialogParamA
DefWindowProcA
DialogBoxParamA
DrawTextA
EnableWindow
EndDialog
EndPaint
GetDlgItemTextA
GetForegroundWindow
GetMenuItemCount
GetWindow
GetWindowLongA
GetWindowTextA
GetWindowThreadProcessId
InvalidateRect
IsWindow
LoadBitmapA
MessageBeep
MessageBoxA
OffsetRect
PeekMessageA
PostQuitMessage
PtInRect
SendMessageA
SetMenu
TrackPopupMenu
UnregisterClassA
UpdateWindow

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d6d0a1fa53773198360f9f58ea1f9de

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 24KB - Virtual size: 24KB

.INIT Size: 13KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.text
Size: 24KB - Virtual size: 24KB

.INIT
Size: 13KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB