5f9a6eaf59ba91dbf3024841edd4767b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f9a6eaf59ba91dbf3024841edd4767b_JaffaCakes118
Size

63KB
MD5

5f9a6eaf59ba91dbf3024841edd4767b
SHA1

8f630f8244984051fe24fd244fda6effdb7d5187
SHA256

3e0006939247e43c558fe0a9708212019e77a43fbcbd73e234860d00d04d9248
SHA512

3b2eca9eede9789b7e0c76168073153ed6ed0dc31f7b4161745fef214bee92f319fa9553b8ffd55d6f9536b5e3e4f56e051779011ea1c7c283605e41c9025aca
SSDEEP

1536:FPerczjlhwYYXhXcdAmlIz5skcwVsAEZ7UyUQj:FPerslhwYYxXRskr+UyH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f9a6eaf59ba91dbf3024841edd4767b_JaffaCakes118

Files

5f9a6eaf59ba91dbf3024841edd4767b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

171f322361458dc84e010872a03e8c8a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
DeleteService
GetSecurityDescriptorControl
GetUserNameA
OpenServiceA
RegDeleteKeyA
SetSecurityDescriptorDacl
StartServiceA

kernel32

CloseHandle
CreateDirectoryA
CreateProcessA
CreateThread
CreateToolhelp32Snapshot
DeviceIoControl
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FlushFileBuffers
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcessHeap
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalAlloc
GlobalHandle
GlobalReAlloc
GlobalUnlock
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
LeaveCriticalSection
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
MoveFileA
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RemoveDirectoryA
ResumeThread
SetLastError
SetStdHandle
SetThreadPriority
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
WideCharToMultiByte
WriteConsoleA
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpiA

user32

CallWindowProcA
CharLowerA
CharUpperA
CheckRadioButton
DrawFocusRect
GetDlgCtrlID
GetDlgItem
GetMessageA
GetSubMenu
LoadCursorA
LoadIconA
LoadStringA
MessageBoxA
MoveWindow
MsgWaitForMultipleObjects
PostMessageA
PostQuitMessage
RegisterWindowMessageA
ReleaseDC
ScreenToClient
SendMessageA
SetDlgItemInt
SetDlgItemTextA
SetWindowLongA
SetWindowTextA
SystemParametersInfoA
TrackPopupMenu

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

171f322361458dc84e010872a03e8c8a

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 28KB - Virtual size: 28KB

.DATA Size: 14KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.text
Size: 28KB - Virtual size: 28KB

.DATA
Size: 14KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB