73741dd1d77cff702701fcaf2c8e655e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73741dd1d77cff702701fcaf2c8e655e_JaffaCakes118
Size

294KB
MD5

73741dd1d77cff702701fcaf2c8e655e
SHA1

3a36ac6a3b4b50eb6e11d8efe4e4876e0a86dd5b
SHA256

93e85a48c5942191244743b9f58969f2b136e9898701c3f5ad767b80ec81b86c
SHA512

9d6ac80f6e8164f6ff902583b41f02481273dd9293f9f3e625f2bd1aaf6a818c77a8e969a0e6b817104ef662ffbabb91757a78651e861f0837e092d71bef0f65
SSDEEP

6144:GXZtOby4OVVSx2ps94HUIOWxEIK7j/Ml2WQklf1Uhn/Sqq:GJUuSxP94HUIOWx4jjWrsS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73741dd1d77cff702701fcaf2c8e655e_JaffaCakes118

Files

73741dd1d77cff702701fcaf2c8e655e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db11a2b6454edd26cf1c37023d55e949

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CreateServiceA
DeleteService
GetUserNameA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
StartServiceCtrlDispatcherA

kernel32

AddAtomA
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateThread
DeleteFileA
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
FindResourceA
FlushFileBuffers
GetACP
GetCPInfo
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetVersionExA
GetWindowsDirectoryA
GlobalFree
GlobalLock
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
IsBadWritePtr
IsDebuggerPresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
MapViewOfFile
Module32First
MoveFileA
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ResetEvent
SetEnvironmentVariableA
SetFileAttributesA
SetFileTime
SetLastError
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
WriteConsoleA
lstrcatA
lstrcmpiA
lstrcpynA

ole32

CreateBindCtx
IIDFromString
OleUninitialize

user32

CharNextA
DestroyMenu
DialogBoxParamA
DispatchMessageA
DrawTextA
GetFocus
GetMessageA
GetSubMenu
GetSysColor
IntersectRect
IsDlgButtonChecked
IsWindow
LoadCursorA
LoadImageA
MessageBoxA
PeekMessageA
RegisterWindowMessageA
SendMessageA
SetCapture
SetDlgItemInt
SetForegroundWindow
SetMenu
SetWindowLongA
SystemParametersInfoA
TranslateMessage
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

CODE
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 183KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db11a2b6454edd26cf1c37023d55e949

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

version

Sections

CODE Size: 105KB - Virtual size: 108KB

BSS Size: - Virtual size: 2.7MB

CRT Size: 183KB - Virtual size: 184KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

CODE
Size: 105KB - Virtual size: 108KB

BSS
Size: - Virtual size: 2.7MB

CRT
Size: 183KB - Virtual size: 184KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB