5b5b7b9da72414b2206a6e569261c9af_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b5b7b9da72414b2206a6e569261c9af_JaffaCakes118
Size

903KB
MD5

5b5b7b9da72414b2206a6e569261c9af
SHA1

070aae77e6d006de88a42c15a24464cc3088c0d4
SHA256

d585a6777b13335e764bd30909761f9e0e1be0b6da39c78f00375f95863baf06
SHA512

abc1614a5233a36c6abaab95de48a179fce1c1a72b0f47f3b7d219da39acfee034ebf4f1272a3d82603fed2f02e8b888b78beeee8775561c2a4fdd0c0478da11
SSDEEP

24576:KyYX+RgyYX+RXyYX+RgyYX+REyYX+RgyYX+RXyYX+RgyYX+RD:K1X+Rg1X+RX1X+Rg1X+RE1X+Rg1X+RXg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b5b7b9da72414b2206a6e569261c9af_JaffaCakes118

Files

5b5b7b9da72414b2206a6e569261c9af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6cdafea934ff4ec7fcf459c9e1cd3842

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCurrentThreadId
OutputDebugStringA
GetFileTime
lstrcatA
WritePrivateProfileStringA
DeleteFileA
FreeResource
lstrlenA
CreateMutexA
SetFileTime
LocalFileTimeToFileTime
GetTempPathA
GetFileAttributesA
lstrcmpA
SetLastError
LocalReAlloc
LocalFree
LocalAlloc
GetLastError
ReleaseMutex
GetModuleFileNameA
CreateFileA
SetFilePointer
ReadFile
Sleep
GetSystemDirectoryA
CopyFileA
GetVersion
LoadLibraryA
GetProcAddress
FreeLibrary
CreateRemoteThread
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
GetCurrentProcess
CloseHandle
WriteFile
GetTickCount

user32

wsprintfA
GetInputState
PostThreadMessageA
GetMessageA
MessageBoxA

advapi32

OpenServiceA
CloseServiceHandle
StartServiceA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
CreateServiceA
EnumServicesStatusA
QueryServiceConfigA
UnlockServiceDatabase
ChangeServiceConfigA
LockServiceDatabase
OpenSCManagerA

msvcrt

_strlwr
__dllonexit
_onexit
??1type_info@@UAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
rand
realloc
malloc
strncmp
strtoul
isdigit
rename
sprintf
??2@YAPAXI@Z
strchr
strstr
fclose
fread
fseek
fopen
exit

Sections

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HG
Size: 64B - Virtual size: 64B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HG
Size: 64B - Virtual size: 64B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HG
Size: 64B - Virtual size: 64B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6cdafea934ff4ec7fcf459c9e1cd3842

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.data Size: 12KB - Virtual size: 12KB

.CRT Size: 512B - Virtual size: 4B

HG Size: 64B - Virtual size: 64B

HG Size: 64B - Virtual size: 64B

HG Size: 64B - Virtual size: 64B

.data
Size: 12KB - Virtual size: 12KB

.CRT
Size: 512B - Virtual size: 4B

HG
Size: 64B - Virtual size: 64B

HG
Size: 64B - Virtual size: 64B

HG
Size: 64B - Virtual size: 64B