7665182181e920e70e2acf550c2e9df2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7665182181e920e70e2acf550c2e9df2_JaffaCakes118
Size

175KB
MD5

7665182181e920e70e2acf550c2e9df2
SHA1

33281d7ef2537b01fc94dd8cbb34b9bc7798e866
SHA256

67ed91dd7b319118ebd8f193c0b2fcf7097cdb1c39fa94f99e0611cff4911a04
SHA512

56db2b3cebd2f03bc0b44a5b21267320c8abd1bf648ac0ead6ffb2307726f75be11347a189a8a51deec4609ef5abdd98dafae0e4433ae48f42976fbcb0a074b5
SSDEEP

3072:7xskJ/clxLacnnvQgJVXymIYMx4Dx4kC8jzt5atLCdKRmk:7xsKcNyx4Dx4kN34CdK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7665182181e920e70e2acf550c2e9df2_JaffaCakes118

Files

7665182181e920e70e2acf550c2e9df2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4980e276e3d1f399a27276ba24d171db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
GetTokenInformation
LockServiceDatabase
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
SetServiceStatus

kernel32

CopyFileA
CreateEventA
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetDateFormatA
GetEnvironmentStringsA
GetModuleFileNameA
GetPrivateProfileStringA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
GlobalReAlloc
HeapAlloc
HeapDestroy
HeapFree
InterlockedCompareExchange
InterlockedIncrement
IsBadReadPtr
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LoadResource
LocalAlloc
MulDiv
OpenProcess
ReadFile
ReleaseMutex
ResetEvent
SetCurrentDirectoryA
SetFilePointer
SetFileTime
Sleep
SuspendThread
UnhandledExceptionFilter
WriteConsoleA
lstrcmpA
lstrcmpiA

user32

FillRect
FindWindowA
GetSystemMetrics
SetMenu

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA
VerInstallFileA
VerLanguageNameA
VerQueryValueA
VerQueryValueIndexA

Sections

.text
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 45KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4980e276e3d1f399a27276ba24d171db

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 119KB - Virtual size: 120KB

.rdata Size: 512B - Virtual size: 4KB

.DATA Size: 45KB - Virtual size: 228KB

.data Size: 6KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 119KB - Virtual size: 120KB

.rdata
Size: 512B - Virtual size: 4KB

.DATA
Size: 45KB - Virtual size: 228KB

.data
Size: 6KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB