a00767be71ae56a0571c59cb17178845_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a00767be71ae56a0571c59cb17178845_JaffaCakes118
Size

2.6MB
MD5

a00767be71ae56a0571c59cb17178845
SHA1

59e5fb6958cbb1cc7dc3c85fa283f7de8e47a625
SHA256

7d0cf63444693e91c77e383eca8ef60fdbd4645d98bae6a043d35589a8b3fe20
SHA512

c05dad4689f5e219b38b4bb76e3006316ce15f5c711ab7be54ca48d01ad3ec5217491faa4a0b925f642f7af1cefd041af6c7c10662e5a933c8bfa9550fcd76b1
SSDEEP

49152:/EaqTpKwGvIRM+U5Kzcc8UNnGv9CuafFvNW7hyXmlc+zjeTurcaFug:/Y8wGvIc68twumFlW7UT+XF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a00767be71ae56a0571c59cb17178845_JaffaCakes118

Files

a00767be71ae56a0571c59cb17178845_JaffaCakes118
.exe windows:4 windows x86 arch:x86

388b94fee452f15bf5188eccf73f431c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
ChangeServiceConfig2A
GetTokenInformation
InitializeSecurityDescriptor
QueryServiceStatus
RegCreateKeyExA
RegEnumValueA
RegFlushKey
RegOpenKeyExA
RegQueryInfoKeyA

kernel32

CloseHandle
CreateFileA
CreateThread
CreateToolhelp32Snapshot
DeleteAtom
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetFileSize
GetFileTime
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadWritePtr
IsDebuggerPresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LockResource
Module32Next
MultiByteToWideChar
OpenEventA
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
RemoveDirectoryA
ResumeThread
SetCurrentDirectoryA
SetErrorMode
SetEvent
SetFileAttributesA
SetFileTime
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SuspendThread
TerminateProcess
TlsFree
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
lstrcmpiA
lstrcpyA

user32

CharUpperA
CreateWindowExA
DefWindowProcA
EndPaint
EqualRect
GetCapture
GetDlgItemTextA
GetSubMenu
GetSysColor
GetWindowLongA
GetWindowTextA
IsIconic
IsWindow
IsWindowEnabled
LoadCursorA
LoadIconA
LoadImageA
MessageBoxA
MsgWaitForMultipleObjects
OffsetRect
RegisterWindowMessageA
SetDlgItemTextA
SetWindowLongA
SetWindowTextA
UnregisterClassA
UpdateWindow

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 2.6MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

388b94fee452f15bf5188eccf73f431c

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 19KB - Virtual size: 20KB

.CRT Size: 2.6MB - Virtual size: 7.0MB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 19KB - Virtual size: 20KB

.CRT
Size: 2.6MB - Virtual size: 7.0MB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 4KB