5c0e77c55ecc5819bed43693951c16d2_JaffaCakes118

General

Target

5c0e77c55ecc5819bed43693951c16d2_JaffaCakes118
Size

148KB
MD5

5c0e77c55ecc5819bed43693951c16d2
SHA1

40c4ff0293294f3eeb584f64b09263e93d409785
SHA256

4c2b4f72141c7785d13a322d09e75ae4c81fbaf46feb0df074d4ae8034f3f150
SHA512

af2a1b62b8cd479ab22d77d4438c1123338062e2a94ee100c53321fd7e21a4667cae697c4db0eb8983335b4076348e851c20ee7ae031b45bba280daa2d5594f4
SSDEEP

1536:lUjkGxOtYeGYfoNcy5AjVGzSXTN5eSZOmBoQOtUBAnuJVl4kRmKAT+483KSvwdB3:SgtYeNfoNQ61oOmBoQOBnCni2wdBoA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c0e77c55ecc5819bed43693951c16d2_JaffaCakes118

Files

5c0e77c55ecc5819bed43693951c16d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f478cbcd21a8ca20eccc5a3e071a945

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
DeleteFileA
GetSystemDirectoryA
GetModuleHandleA
FindResourceA
LoadResource
SizeofResource
LockResource
CreateProcessA
GetLastError
WaitForSingleObject
GetExitCodeProcess
GetModuleFileNameA
CloseHandle
GetStringTypeA
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetStringTypeW

advapi32

QueryServiceStatus
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f478cbcd21a8ca20eccc5a3e071a945

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 112KB - Virtual size: 108KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 112KB - Virtual size: 108KB