8a6bef713b08ea4668f15d7df685073f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a6bef713b08ea4668f15d7df685073f_JaffaCakes118
Size

487KB
MD5

8a6bef713b08ea4668f15d7df685073f
SHA1

19f026dee77eed9595c3ad1e347ad7015862afdd
SHA256

625d103b973f0c35f6ecad9b1d64f67d5a430825721f1085df074e5aeaf80969
SHA512

a10071c4731487b755e24418459a9a0b66ca7de1c42636787d44836074b0e89282fade05d3d18cedad5dadcfe79faea96defec5e5e6d4ba34a964e79736935fb
SSDEEP

6144:32NTogNJOYrJBfoywgDwBDoBQKFRZORSpNs8eUdqriRn2mH3HJnMpbsCrcTp2:32NVDJBfoyweBQKJG4dDR2mH3HJnObtX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a6bef713b08ea4668f15d7df685073f_JaffaCakes118

Files

8a6bef713b08ea4668f15d7df685073f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cac19608a61c01a396e0f9317c030b2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\SS\Products\Console\_Mainline\Source\eEyeCompetitorUnistaller\Release\srt.pdb

Imports

msi

ord204

kernel32

GetProcAddress
LoadLibraryA
GetVersionExA
HeapAlloc
HeapFree
GetProcessHeap
InterlockedDecrement
MoveFileExA
GetCurrentProcess
GetCurrentThread
GlobalAlloc
CreateProcessA
TerminateProcess
FindFirstFileA
GlobalFree
FindClose
Process32Next
SetLastError
GetModuleHandleA
CreateToolhelp32Snapshot
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
SetEndOfFile
CreateFileW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
SetStdHandle
MultiByteToWideChar
FreeLibrary
GetLocalTime
DeleteFileA
LockResource
SizeofResource
Sleep
FormatMessageA
GetTickCount
LoadResource
FindResourceA
OpenProcess
GetExitCodeProcess
WideCharToMultiByte
ExpandEnvironmentStringsA
WaitForSingleObject
GetCommandLineW
CloseHandle
IsValidLocale
DeviceIoControl
GetLastError
CreateFileA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
FindNextFileA
WriteConsoleW
FreeEnvironmentStringsW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
SetFileAttributesA
GetFileAttributesA
ExitThread
ResumeThread
CreateThread
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
WriteFile
GetModuleFileNameA
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
SetFilePointer

user32

GetWindowLongA
GetWindowThreadProcessId
MessageBoxA
ExitWindowsEx
SendMessageA
TranslateMessage
PeekMessageA
GetDlgItem
ShowWindow
DispatchMessageA
FindWindowA
GetDlgItemTextA
EnumWindows

advapi32

RegQueryInfoKeyA
RegCloseKey
AdjustTokenPrivileges
RegEnumKeyA
FreeSid
RegEnumValueA
AllocateAndInitializeSid
RegDeleteValueA
RegOpenKeyExA
LookupPrivilegeValueA
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
EqualSid
RegSetValueExA
GetTokenInformation
OpenThreadToken
OpenProcessToken
ControlService
OpenSCManagerA
QueryServiceStatusEx
StartServiceA
CreateServiceA
DeleteService
CloseServiceHandle
OpenServiceA

shell32

CommandLineToArgvW

ole32

CoCreateGuid

Sections

.text
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cac19608a61c01a396e0f9317c030b2a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msi

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 352KB - Virtual size: 352KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 6KB - Virtual size: 15KB

.rsrc Size: 53KB - Virtual size: 53KB

.text
Size: 352KB - Virtual size: 352KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 6KB - Virtual size: 15KB

.rsrc
Size: 53KB - Virtual size: 53KB