6623e1dd1844f5a92fff09878bbc641d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6623e1dd1844f5a92fff09878bbc641d_JaffaCakes118
Size

40KB
MD5

6623e1dd1844f5a92fff09878bbc641d
SHA1

f7b4e821c4edb998c6236a75ba85da45b2daaee9
SHA256

4838cf255cb89e40a7708ab5ee98c89f8b0a8d3db5af791bb150d12c27ea9b73
SHA512

35ba58fe0efe8c7c87f5b647f1d0140c19281df6592f54683e0efc875d33f926ddfaf62aac51ce0b81fe828b6d0e6580bdcefb3dabd1600eaf7c59f64d7bf64d
SSDEEP

768:LEt8ZqUj4s0cZ6tRrufP8CtsLiXk7e43quonwFNZH/:LKs0e+dpCtCecq/nwF3f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6623e1dd1844f5a92fff09878bbc641d_JaffaCakes118

Files

6623e1dd1844f5a92fff09878bbc641d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d65fa4c55d93956a1b33b2bfe240864

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shfolder

SHGetFolderPathA

advapi32

CreateServiceA
OpenSCManagerA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA

kernel32

CloseHandle
CopyFileA
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
ExitProcess
ExitThread
FindResourceA
FindResourceExA
FreeResource
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetSystemDefaultLangID
GetSystemInfo
GetThreadPriority
GetTickCount
GetTimeZoneInformation
GetVersionExA
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LockResource
MultiByteToWideChar
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
SetEvent
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VerLanguageNameW
WaitForSingleObject
WideCharToMultiByte
WriteFile

netapi32

Netbios

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

shell32

ShellExecuteA

user32

CharLowerBuffW
CharUpperBuffW
GetSystemMetrics
MessageBoxA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d65fa4c55d93956a1b33b2bfe240864

Headers

File Characteristics

Imports

shfolder

advapi32

kernel32

netapi32

oleaut32

shell32

user32

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 9KB

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 9KB

.idata
Size: 2KB - Virtual size: 2KB