9feca18d1aff955e66f96c01ca68d56a_JaffaCakes118

General

Target

9feca18d1aff955e66f96c01ca68d56a_JaffaCakes118
Size

132KB
MD5

9feca18d1aff955e66f96c01ca68d56a
SHA1

fd8eeb45540c631408b20fd69de1465aa223325f
SHA256

a817ad12c379c1c46a691da9eabe1c8cd34cc36550b3f1528677c692b1ce2449
SHA512

5905a5dfa0a80d97658289992f71e2b916f660ddc9a5015059e4d63773591dd4e9929a23ec2404eec1957b429b1eaefcdfea864c11c99edf7f73c869d5d434a6
SSDEEP

1536:NT/ykoQqOy93QCVM1ux5Lc0MTMX3KoSE6dmpSv/lCbFB+sNG+++++++++++3+q+T:9/7E3QCoQ3KU60MvNCRB+sNZNdu5jqm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9feca18d1aff955e66f96c01ca68d56a_JaffaCakes118

Files

9feca18d1aff955e66f96c01ca68d56a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b383a9e9c87b5b9178a611f89e73096f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFileTimeToFileTime
SystemTimeToFileTime
CreateFileA
LoadResource
FindResourceA
GetTempPathA
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
Process32Next
Process32First
SetFileTime
TerminateProcess
OpenProcess
CopyFileA
Module32First
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
GetLastError
DeviceIoControl
GlobalFree
LoadLibraryExA
GlobalAlloc
GetModuleHandleA
ReadFile
GetFileSize
SizeofResource
WriteFile
CloseHandle
FreeResource
MoveFileA
SetFileAttributesA
DeleteFileA
CreateToolhelp32Snapshot
GetTickCount
GetStartupInfoA

user32

wsprintfA

advapi32

OpenSCManagerA
StartServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ControlService
OpenServiceA

shlwapi

StrStrIA

msvcrt

_controlfp
rand
srand
sprintf
strstr
printf
puts
??2@YAPAXI@Z
??3@YAXPAX@Z
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b383a9e9c87b5b9178a611f89e73096f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 119KB - Virtual size: 120KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 119KB - Virtual size: 120KB