8a5c9818af0d7ba24d8bb57eeeef9e07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a5c9818af0d7ba24d8bb57eeeef9e07_JaffaCakes118
Size

63KB
MD5

8a5c9818af0d7ba24d8bb57eeeef9e07
SHA1

a290783dd6f6594b9ee831862eea2dc774aa59be
SHA256

c8e84c4674b004b8aefb62ff5cd076bbb4c3e0e38e25cbbdd3f3c7b7eb453d52
SHA512

09ebbb316c40c2139ac92425af1fcb5a41512b40480b6c2d1377fb60ddd2bfcc5f88cb7e17f6a9d95c15bc5f1669088b4c2283aa1f2e8e8c54cd17224785601b
SSDEEP

1536:gBjN2cO5E8rEa6Dw5rfvQY90vljpt3nLQmPy:g+1wDw1Cvlrna

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a5c9818af0d7ba24d8bb57eeeef9e07_JaffaCakes118

Files

8a5c9818af0d7ba24d8bb57eeeef9e07_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c1249a96acef7fa268ef70f3cf557d07

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CompareStringA
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
ExitProcess
FindClose
FindFirstFileA
FindResourceA
FormatMessageA
FreeEnvironmentStringsA
GetACP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetExitCodeProcess
GetFileType
GetLastError
GetProcAddress
GetProcessHeap
GetStdHandle
GetStringTypeA
GetTickCount
GetVersion
GetVersionExA
GlobalHandle
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsBadWritePtr
IsDebuggerPresent
LeaveCriticalSection
LocalAlloc
MoveFileA
MoveFileExA
MultiByteToWideChar
OpenEventA
OpenProcess
QueryPerformanceCounter
RemoveDirectoryA
SearchPathA
SetEvent
SetFileTime
SetStdHandle
SizeofResource
SystemTimeToFileTime
WriteFile
lstrlenA

user32

EnableMenuItem
FindWindowA
GetDlgCtrlID
GetWindowTextA
IsDlgButtonChecked
PtInRect
SetTimer
SetWindowLongA

advapi32

AdjustTokenPrivileges
CloseServiceHandle
CreateServiceA
DeleteService
EqualSid
GetTokenInformation
OpenServiceA
QueryServiceConfig2A
RegOpenKeyExA

Sections

.text
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 13KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

c1249a96acef7fa268ef70f3cf557d07

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 38KB - Virtual size: 40KB

.DATA Size: 13KB - Virtual size: 48KB

.data Size: 6KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 40KB

.DATA
Size: 13KB - Virtual size: 48KB

.data
Size: 6KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB