715dd596a40356122410dd5cce388358_JaffaCakes118

General

Target

715dd596a40356122410dd5cce388358_JaffaCakes118
Size

28KB
MD5

715dd596a40356122410dd5cce388358
SHA1

c4e16b0ebc4054a96ba4022216fb0caac161e545
SHA256

6192ba048a0264c289a80e388e2d2b2d81b012211bd89ca652791b5af765e102
SHA512

bc0e0b20d7aea2ab5e7ec36ce2f139e67b2e75565f6abc5abfea5e63bae90affed0db235206a4c2ce08a4160e7a61bf737d9c8ab2950e19cf5ae90c340e85a78
SSDEEP

384:Hj8TM/qm/5MF7H0TTCY0Wi/og3lkl+fztUmTq:AMT/5KTY0BiAxP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
715dd596a40356122410dd5cce388358_JaffaCakes118

Files

715dd596a40356122410dd5cce388358_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cdec589d96b0cc577aaa77aa6aa0be26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
HeapFree
GetProcessHeap
MapViewOfFile
CreateFileMappingA
HeapAlloc
FreeConsole
GetCurrentThreadId
SetLastError
Sleep
LoadLibraryA
GetProcAddress
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle

user32

CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
OpenDesktopA

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor

msvcrt

_adjust_fdiv
_initterm
_beginthreadex
wcstombs
strncpy
_except_handler3
free
malloc
__CxxFrameHandler
??3@YAXPAX@Z

Exports

Exports

MyTest
QgptkagOckl

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdec589d96b0cc577aaa77aa6aa0be26

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 5KB - Virtual size: 6KB

.edata Size: 512B - Virtual size: 91B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 5KB - Virtual size: 6KB

.edata
Size: 512B - Virtual size: 91B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 4KB - Virtual size: 3KB