9644c9745bac5a26551db8dedcbaccc2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9644c9745bac5a26551db8dedcbaccc2_JaffaCakes118
Size

60KB
MD5

9644c9745bac5a26551db8dedcbaccc2
SHA1

2bc6b172a4e12cc078d3641215a0ec33ee59125e
SHA256

53504bdf1b6101b43b7ed843349996de631aa66a0f456df0dd45b3915d45a26f
SHA512

63ba1d90845d5e7a9c957eff53dcb5d8598f76b1e4ac39abd5bc935fd96c78713f81e509dc358b91c2b2e5f60535ca9844306c6b95daa7f5d5211ca45bbf32ab
SSDEEP

768:EdAKSvT9JsE8WnJy4D1WP2y373mT1wCI0JttXByxqkq2CLMPxiXNVu3wIIex:IwZJssnJnD1WeaSJnt3nks/9Vu3jI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9644c9745bac5a26551db8dedcbaccc2_JaffaCakes118

Files

9644c9745bac5a26551db8dedcbaccc2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

883606cedfb3986ba462a35f67d7d49b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
EqualSid
InitializeSecurityDescriptor
OpenServiceA
QueryServiceConfig2A
QueryServiceStatus
RegQueryInfoKeyA
RegisterServiceCtrlHandlerA
SetServiceStatus

kernel32

AddAtomA
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateThread
CreateToolhelp32Snapshot
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FindResourceA
FreeEnvironmentStringsA
FreeLibrary
GetCommandLineA
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileTime
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetThreadLocale
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalFree
HeapDestroy
HeapFree
InterlockedDecrement
InterlockedIncrement
IsBadCodePtr
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryExA
LocalAlloc
Module32First
MulDiv
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
ReadProcessMemory
RemoveDirectoryA
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
UnhandledExceptionFilter
WriteConsoleA
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcpynA
lstrlenA

user32

CopyRect
GetAsyncKeyState
GetDC
GetDlgItem
GetDlgItemTextA
GetFocus
GetMessageA
GetSysColorBrush
IntersectRect
IsIconic
IsRectEmpty
LoadCursorA
LoadIconA
LoadImageA
LoadStringA
MessageBoxA
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClassExA
ReleaseDC
SendMessageA
SetDlgItemTextA
SetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
UpdateWindow
WinHelpA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

883606cedfb3986ba462a35f67d7d49b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 26KB - Virtual size: 28KB

.DATA Size: 13KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.text
Size: 26KB - Virtual size: 28KB

.DATA
Size: 13KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB