4af866f8f7ea3f79fa3dce9dcfd75bbc_JaffaCakes118

General

Target

4af866f8f7ea3f79fa3dce9dcfd75bbc_JaffaCakes118
Size

48KB
MD5

4af866f8f7ea3f79fa3dce9dcfd75bbc
SHA1

aa51fe5b3fa6934f6477d5272f2d8b1224a4f769
SHA256

087ed0d4482bedf400ce0c87cee7970724be100b016192e21c717518290f459f
SHA512

6c0fd3804e738e38a5a0feeeab7712d798777c8544d4f81989182efc9e07238eeabff251c142440b1342a1ffd05073004dfbd2b607503b1fdf65b33c43f7b44f
SSDEEP

768:LdyVVBi2VIgVHwa/pqDD2Z5dAh8BtveJwgIS:a1OgVMf2e8tveJwm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4af866f8f7ea3f79fa3dce9dcfd75bbc_JaffaCakes118

Files

4af866f8f7ea3f79fa3dce9dcfd75bbc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4e88156a44ba0fcc0c88445ce3e09a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
Sleep
LocalFree
LocalAlloc
GetLastError
CreateMutexA
GetWindowsDirectoryA
lstrcatA
GetVersionExA
ResumeThread
VirtualAllocEx
GetThreadContext
GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
CloseHandle
LoadLibraryA
GetProcAddress
CreateProcessA
FreeLibrary
GetStringTypeW
GetStringTypeA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
SetFilePointer
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
FlushFileBuffers

advapi32

ControlService
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceA
QueryServiceConfigA

shell32

ShellExecuteExA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e4e88156a44ba0fcc0c88445ce3e09a2

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 21KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 21KB