479de790e2291ad69652ad73e0030efe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

479de790e2291ad69652ad73e0030efe_JaffaCakes118
Size

59KB
MD5

479de790e2291ad69652ad73e0030efe
SHA1

a668aebfe0b54329526ccfeedb0dc1231b00e0ab
SHA256

29f7dd883b31057dfcf446f31c361bc4b108f3bca75e929e5e077f7dffe55ba8
SHA512

03d0a1808d0e1dac327d90cd14233245df9a6093b673aa9b88241ea6a6a41faf1247fb7c7ad3413d213937e3a9bb47d987c8e220c947a6aed83d0657e437a3e1
SSDEEP

1536:9Y5NyDouzmfkWwgUpka9ARHKDl0QXbd0ekX:9WNE2lwXka9ARqxb+X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
479de790e2291ad69652ad73e0030efe_JaffaCakes118

Files

479de790e2291ad69652ad73e0030efe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc32355c88aadb01ab49ad1333c1663e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
EqualSid
QueryServiceConfig2A
QueryServiceStatus
RegOpenKeyExA
SetServiceStatus

kernel32

CloseHandle
CopyFileA
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
DuplicateHandle
EnumSystemLocalesA
ExitProcess
ExitThread
FindClose
FindResourceA
FlushFileBuffers
FreeLibrary
GetACP
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThreadId
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalFree
GlobalHandle
HeapCreate
HeapFree
HeapSize
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
Module32First
MoveFileExA
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
ReadProcessMemory
SearchPathA
SetEndOfFile
SetLastError
SetStdHandle
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WriteConsoleA
WriteFile
lstrlenA

user32

CallNextHookEx
CharUpperA
CheckMenuItem
DefWindowProcA
DestroyIcon
DialogBoxParamA
DispatchMessageA
EndDialog
EnumChildWindows
FindWindowA
GetActiveWindow
GetDesktopWindow
GetMessagePos
GetSystemMenu
GetWindow
GetWindowTextA
GetWindowThreadProcessId
IsDlgButtonChecked
LoadIconA
MessageBoxA
MoveWindow
OffsetRect
RegisterClassExA
SetTimer
SetWindowTextA
SystemParametersInfoA
TrackPopupMenu
TranslateMessage
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc32355c88aadb01ab49ad1333c1663e

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 23KB - Virtual size: 24KB

.CRT Size: 14KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 24KB

.CRT
Size: 14KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB