74d5f5a26018ff576b590e4cf670545d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74d5f5a26018ff576b590e4cf670545d_JaffaCakes118
Size

51KB
MD5

74d5f5a26018ff576b590e4cf670545d
SHA1

c479720bfcb444252741aedbff4a62b44606ed8d
SHA256

9bc729aa57369218d11c5263c1bfc14e294c4ec3d5aa0deb517932c8a4aea27b
SHA512

fbf77f621222d691cc3a813415624daeada5481bb48056f61e40af8f63e833ae65f872155910fac6b1df7a721e68a5a38a134af88a2a5e3733de2b63f17d78d8
SSDEEP

768:YAMCtMsb8LhLCHlmglZeBkPc+MGu9ar/2oz5UXqglZsp5POWvFtlk4gBX1uiaYtN:YAMCt1bahLC5lZeBkPqa1zycp5WCFsRl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74d5f5a26018ff576b590e4cf670545d_JaffaCakes118

Files

74d5f5a26018ff576b590e4cf670545d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39b3a05fd7f004be67302f4186499464

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
RegSetValueExA
OpenServiceA
RegQueryValueExW
ChangeServiceConfigA
StartServiceA
OpenSCManagerA
RegOpenKeyExA
RegQueryValueExA
QueryServiceStatus
RegOpenKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyW

user32

wsprintfA

ntdll

RtlUlongByteSwap
NtCreateDebugObject
NtAllocateVirtualMemory

tapi32

lineNegotiateAPIVersion
lineClose
lineGetDevCapsW
lineOpen
lineShutdown
lineGetID
lineInitializeExW

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

setupapi

SetupDiGetDeviceInstanceIdW
SetupOpenMasterInf
SetupDiDestroyDeviceInfoList
SetupGetSourceFileLocationA
SetupDiOpenDevRegKey
SetupGetSourceInfoA
SetupDiCallClassInstaller
SetupPromptForDiskA
SetupCloseInfFile
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoList
SetupDiSetClassInstallParamsA

kernel32

GetProcessHeap
lstrcmpiA
FormatMessageA
CloseHandle
VirtualAlloc
GetLocaleInfoA
GlobalFree
LoadLibraryW
GetTempPathW
lstrcmpA
HeapReAlloc
CreateFileA
GlobalAlloc
lstrcpyA
GetProcAddress
WriteFile
GetModuleHandleA
MultiByteToWideChar
VirtualQuery
GetTickCount
ExitProcess
GetTempFileNameW
VirtualFree
GetStringTypeA
WideCharToMultiByte
lstrlenA
CreateDirectoryW
GetCPInfo
GetLastError
GetShortPathNameW
VirtualProtect
GetStringTypeW
FreeLibrary
LCMapStringW
lstrcmpiW
LoadLibraryA
Sleep
lstrlenW
DeleteFileW
HeapFree
GetSystemInfo
HeapAlloc

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39b3a05fd7f004be67302f4186499464

Headers

File Characteristics

Imports

advapi32

user32

ntdll

tapi32

ole32

setupapi

kernel32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 664KB

.rdata Size: 24KB - Virtual size: 24KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 664KB

.rdata
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 6KB - Virtual size: 6KB