8aa2e00579e1459b2fcc69c73b6a8308_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8aa2e00579e1459b2fcc69c73b6a8308_JaffaCakes118
Size

54KB
MD5

8aa2e00579e1459b2fcc69c73b6a8308
SHA1

850f143dc21aeed8688ab0d66ac0c44871e7e885
SHA256

cd9020210c5ea438737f2c083003017a8c5266279a738ed70e82fa5ee853de44
SHA512

448e57560601de4e036abf9092e738884a8cb58bc38838477f22203b1eb08e54f10f62a105401627887fcb6550cab4b3bea27485259735a13ae0bed70a7fce6d
SSDEEP

768:f4eSyghiB2CisfRx0sWOWCLXjtcAXRjl6/r+AYh6kWjcTWzS97i1k:fwyghiIEiv6XlRs//DIT8O7Ak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8aa2e00579e1459b2fcc69c73b6a8308_JaffaCakes118

Files

8aa2e00579e1459b2fcc69c73b6a8308_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7529c0e6c6f017d614bfe34e9524336

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CreateServiceA
EqualSid
InitializeSecurityDescriptor
LockServiceDatabase
OpenSCManagerA
RegDeleteKeyA
RegEnumValueA
RegOpenKeyExA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl
SetServiceStatus

kernel32

CloseHandle
CopyFileA
CreateFileMappingA
CreateMutexA
CreateProcessA
DeleteCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FreeLibrary
GetCommandLineA
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetEnvironmentVariableA
GetFileTime
GetLastError
GetModuleHandleA
GetPrivateProfileSectionA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStdHandle
GetStringTypeA
GetThreadTimes
GetUserDefaultLCID
GetWindowsDirectoryA
GlobalFree
GlobalReAlloc
GlobalUnlock
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedCompareExchange
InterlockedExchange
IsValidCodePage
LCMapStringA
LoadLibraryA
LoadLibraryExA
MapViewOfFile
Module32First
Module32Next
RemoveDirectoryA
SetCurrentDirectoryA
SetErrorMode
SetEvent
SetFilePointer
SetLastError
SizeofResource
Sleep
TlsFree
VirtualFree
WideCharToMultiByte
lstrcmpiA

user32

DispatchMessageA
GetSystemMenu
GetSystemMetrics
RegisterClassExA
TrackPopupMenu

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA
VerInstallFileA
VerLanguageNameA
VerQueryValueA
VerQueryValueIndexA

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7529c0e6c6f017d614bfe34e9524336

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 512B - Virtual size: 4KB

.DATA Size: 7KB - Virtual size: 16KB

.data Size: 6KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 512B - Virtual size: 4KB

.DATA
Size: 7KB - Virtual size: 16KB

.data
Size: 6KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB