94d6e43bb382f028d9caee985c2b4220_JaffaCakes118

General

Target

94d6e43bb382f028d9caee985c2b4220_JaffaCakes118
Size

76KB
MD5

94d6e43bb382f028d9caee985c2b4220
SHA1

1d241b8dc460c92322207a73dbc9290a38c362fa
SHA256

de1dbcb638235f1461002bcec3f42a31dc2260b603a5b2995932df3f2c451405
SHA512

947243ff5e3dd731751c01ff3e25ee59967c9fcea674da90531c3494fb06a3282bece91c72a79dc7660f3206d44f6aad558f0d77484bc6c7cfa04cb6ef837458
SSDEEP

1536:HTQkyqUemMrpQtEUJI4NN6Uc8/KPUVv/PQNU:zQh1eNpQtTJIAN6UJcUpPt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94d6e43bb382f028d9caee985c2b4220_JaffaCakes118

Files

94d6e43bb382f028d9caee985c2b4220_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81bef4293335e1f7066ffaf9a14e91e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQueryEx
ReadProcessMemory
GetThreadContext
TerminateProcess
SetThreadContext
WriteProcessMemory
FreeLibrary
VirtualFree
GetStringTypeA
LCMapStringW
VirtualAlloc
GetModuleHandleA
LoadLibraryA
GetProcAddress
HeapAlloc
CopyFileA
GetLastError
lstrlenA
Sleep
GetTickCount
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
ResumeThread
GetSystemDirectoryA
lstrcatA
GetTempPathA
WinExec
CreateFileA
WriteFile
CloseHandle
VirtualProtectEx
RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
GetStringTypeW

user32

wsprintfA

advapi32

StartServiceA
OpenSCManagerA
CreateServiceA
OpenServiceA
RegOpenKeyA
CloseServiceHandle
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegCreateKeyA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81bef4293335e1f7066ffaf9a14e91e8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 36KB - Virtual size: 35KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 35KB

.rsrc
Size: 8KB - Virtual size: 8KB