858127df48e3e6895937b4c203a37b5f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

858127df48e3e6895937b4c203a37b5f_JaffaCakes118
Size

392KB
MD5

858127df48e3e6895937b4c203a37b5f
SHA1

5c8d425f4dba1bf0c68d8cfd5ed40256dddd7095
SHA256

94387cd4a9af0fd33c33e57864ca5bd7d9c4ac18b00ff6240cb5c49bdc732373
SHA512

131bd0252d7a4d2c25b369b3c8a3684a30a830a8d55952c225bafb38560609779a08dc8223e25876cf95c73bbacb075bc52408821397be987fd1bcf79a89b8e9
SSDEEP

6144:DO3QZWSbGSoaj7lWgvYx8w4LgSipqqebJBBDP6pXLGsJTXB+HhZ:qgZWSGSoaAHxf4LgScpYfQXPP+Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
858127df48e3e6895937b4c203a37b5f_JaffaCakes118

Files

858127df48e3e6895937b4c203a37b5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa0e0cbd737097f2ed297fef9f281a5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter
CloseHandle
InterlockedIncrement
FreeLibraryAndExitThread
GlobalFree
SetEvent
GlobalAlloc
InterlockedDecrement
ReadProcessMemory
LocalAlloc
MultiByteToWideChar
DisableThreadLibraryCalls
DeviceIoControl
GetFileAttributesW
CreateFileW
GetCurrentProcessId
lstrlenW
lstrcmpiW
CreateDirectoryW
GetModuleFileNameW
GetModuleHandleW
LoadLibraryW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
HeapReAlloc
GetStringTypeW
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
HeapFree
VirtualFree
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
LocalFree
FormatMessageW
GetStdHandle
GetFileType
GetConsoleMode
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
WriteFile
GetCommandLineA
lstrcmpW
VirtualProtect
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate

user32

CharPrevW
LoadStringW
WinHelpW
SendMessageW
GetDlgItem
DestroyIcon
SetWindowLongW
EndDialog
EnableWindow
SetDlgItemTextW
GetWindowLongW
GetParent
DialogBoxParamW
SendDlgItemMessageW

advapi32

OpenSCManagerW
ChangeServiceConfigW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
UnlockServiceDatabase
QueryServiceConfigW
LockServiceDatabase
ControlService
GetSecurityDescriptorLength
OpenServiceW

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 324KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa0e0cbd737097f2ed297fef9f281a5f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 324KB - Virtual size: 322KB

.data Size: 12KB - Virtual size: 330KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 324KB - Virtual size: 322KB

.data
Size: 12KB - Virtual size: 330KB

.rsrc
Size: 4KB - Virtual size: 1KB