4d8d409608d460dac6b74eba83348676_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4d8d409608d460dac6b74eba83348676_JaffaCakes118
Size

59KB
MD5

4d8d409608d460dac6b74eba83348676
SHA1

d29b07ec19cbf2dd3d49251cc315c325eafb9ab1
SHA256

1b23e2192afea58672a79683093f99cc928be9cebfc4d1fdf93aac920f1a0daa
SHA512

da1cc166db72cab12f8de42d3ec3fb281f4bdb2e24d1372e160036c2c63c7cb8a15d62589186854592a48a16b927c5f1153ff52b7a19108d4af3b25731844fa6
SSDEEP

1536:ZCwFD2ih4ujpYYaV3lFJ8PmbJafclbaSNcRNkv:ZnphflYYoD9bJmclPIkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d8d409608d460dac6b74eba83348676_JaffaCakes118

Files

4d8d409608d460dac6b74eba83348676_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0387aa36051e221aacfcc62a2913340b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
CloseServiceHandle
GetTokenInformation
LookupPrivilegeValueA
OpenProcessToken
QueryServiceConfig2A
QueryServiceStatus
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

kernel32

CloseHandle
CopyFileA
CreateEventA
CreateFileMappingA
CreateMutexA
CreateThread
DeleteAtom
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FindNextFileA
FlushFileBuffers
FreeLibrary
GetACP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetEnvironmentVariableA
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStdHandle
GetStringTypeA
GetSystemTimeAsFileTime
GetTempFileNameA
GetTickCount
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAlloc
GlobalLock
HeapAlloc
HeapCreate
HeapDestroy
HeapSize
IsBadCodePtr
LoadLibraryA
LocalAlloc
MoveFileA
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
ReadFile
SearchPathA
SetFileAttributesA
SetFileTime
SetHandleCount
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
VirtualQuery
WriteConsoleA
WriteFile
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

user32

CallWindowProcA
DispatchMessageA
DrawIcon
EqualRect
FindWindowA
GetCapture
GetClientRect
GetDC
GetDesktopWindow
GetKeyState
GetMessageA
GetParent
GetProcessWindowStation
GetWindowThreadProcessId
IntersectRect
IsRectEmpty
IsWindowEnabled
KillTimer
LoadIconA
MessageBoxA
MsgWaitForMultipleObjects
OffsetRect
PeekMessageA
RegisterClassA
RegisterClassExA
SetWindowRgn
SystemParametersInfoA
UnregisterClassA
UpdateWindow
WinHelpA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0387aa36051e221aacfcc62a2913340b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 24KB - Virtual size: 24KB

.DATA Size: 14KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.DATA
Size: 14KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB