6710b44bfee43ba4f42f3c146801f3e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6710b44bfee43ba4f42f3c146801f3e6_JaffaCakes118
Size

144KB
MD5

6710b44bfee43ba4f42f3c146801f3e6
SHA1

bf703d92edd3a746c82be28fa5ccda2c08c94714
SHA256

a0941c380f1c8cc83b0cfb8254960d2b118ae06f9e398b6d27fd1676bcb72918
SHA512

cfc1d8917e3f0bb736fa3a32a9bf554fb4a3cf4d91a49af08e2e447c9ff43cc8e6e920d3b341c80666129a591875a78797b9556687a57dc92f30bf1ce7cfbfac
SSDEEP

1536:T94+pMNVhg8B+/NwQmPQ0hDGqcwIDwflLgNibSiJALYMWFrOwEoWEQvGbtZS2:TGphbYyzDY42NibuboSvitZS2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6710b44bfee43ba4f42f3c146801f3e6_JaffaCakes118

Files

6710b44bfee43ba4f42f3c146801f3e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

401a6c72bbd3fbefb35256af28495a2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetCommandLineW
WideCharToMultiByte
WriteFile
CreateFileW
ReadFile
GetFileSize
CreateDirectoryW
lstrcatW
GetLocalTime
GetVersionExW
GetCurrentThreadId
SetFilePointer
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
CreateEventW
WaitForSingleObject
CreateThread
Sleep
OpenProcess
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
TerminateThread
CloseHandle
RaiseException
lstrlenW
LoadLibraryA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateFileA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetModuleFileNameA
GetStdHandle
ExitProcess
LCMapStringW
LCMapStringA
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleA
IsValidCodePage
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoW
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetOEMCP

user32

wvsprintfW
MessageBoxW
CharUpperW
LoadStringW
PostThreadMessageW
GetMessageW
DispatchMessageW
TranslateMessage
CharNextW
UnregisterClassA

advapi32

QueryServiceStatus
ChangeServiceConfigW
ChangeServiceConfig2W
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
CreateServiceW
ControlService
DeleteService
RegQueryValueExW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
OpenSCManagerW
OpenServiceW
CloseServiceHandle
SetServiceStatus
OpenProcessToken
CreateProcessAsUserW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
StartServiceW

shell32

SHGetFolderPathW

ole32

CoCreateInstance
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CoInitialize
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

RegisterTypeLi
VarUI4FromStr
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
UnRegisterTypeLi
SysFreeString

shlwapi

PathFileExistsW

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameW

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

401a6c72bbd3fbefb35256af28495a2a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

psapi

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 8KB - Virtual size: 4KB