8d54e7a9f3be0ef0a0ec231838e7377d_JaffaCakes118

General

Target

8d54e7a9f3be0ef0a0ec231838e7377d_JaffaCakes118
Size

24KB
MD5

8d54e7a9f3be0ef0a0ec231838e7377d
SHA1

7f4d468b07bf2edf4fb8f070cc8ab4bbb6a4aa3f
SHA256

f40ef13a82a14a9698168373b9dd95019e27d3ace2a5c14c31fd70be008d7138
SHA512

cc5c692fa1681881822cb73581afe56d5176bcd434959ec567136ef17a53ee0724414c98f8e44a39d33f1480ac8fda31fa9bbba9dc44e398bbd484f929e77537
SSDEEP

192:zSczRF+bCUBuU/NT2GT3aKh01EhvWKe+N0wz2zm1DrpZS/BU2mY6w/:bF+bLJ11KKEQWLW0wz2zm1DrrSVl6w/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d54e7a9f3be0ef0a0ec231838e7377d_JaffaCakes118

Files

8d54e7a9f3be0ef0a0ec231838e7377d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0291f617074175ddba1743c813e1f638

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadContext
LocalFree
FormatMessageA
GetDateFormatA
GetTimeFormatA
WriteFile
SetFilePointer
CreateFileW
IsBadReadPtr
GetModuleFileNameA
VirtualQuery
SetUnhandledExceptionFilter
ExitProcess
HeapValidate
VirtualAllocEx
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetModuleHandleW
Sleep
lstrlenA
GetCommandLineW
lstrcmpiW
lstrcpyW
WriteProcessMemory
SetThreadContext
OpenProcess
ReadProcessMemory
OpenThread
GetThreadPriority
SetThreadPriority
SuspendThread
ResumeThread
CloseHandle
GetProcAddress
SetLastError
GetLastError
HeapCreate
GetCurrentProcess

user32

GetWindowThreadProcessId
wsprintfA
wvsprintfA
EnumWindows

advapi32

CreateServiceA
CloseServiceHandle
SetServiceStatus
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetTokenInformation
DeleteService
QueryServiceStatus
ControlService
OpenServiceA
StartServiceCtrlDispatcherA
OpenSCManagerA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0291f617074175ddba1743c813e1f638

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 16B