a55989bfb62d7d6a8c2152005c7e808a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a55989bfb62d7d6a8c2152005c7e808a_JaffaCakes118
Size

188KB
MD5

a55989bfb62d7d6a8c2152005c7e808a
SHA1

1411a7918bbee456f94a5d9da3b69695e178187d
SHA256

8fce8f85559c5a7d740263d6483119b548505601815cef93f4bfcce21f670345
SHA512

ca2814836c212a09901d5669e0900624cb8f44de1b57cb1d3d1fb3ed4f66e728912184b9d3ab0627e3ad98c8abc599793d8450209bf0ca83112f3fbbe3c444fb
SSDEEP

3072:JCXehEX+uSAaFNkjlOm31/7T3Kjtq+eSTktcers378qKCk++xFUpMU4Z:JCTX+1AaFN6Fv3KjE+bTQcwsr8qexFUm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a55989bfb62d7d6a8c2152005c7e808a_JaffaCakes118

Files

a55989bfb62d7d6a8c2152005c7e808a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f52ebf3de8fbdb3b3fb1cee22eb22d95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
DuplicateHandle
GetCurrentProcess
OpenProcess
WriteFile
GetSystemDirectoryA
GetModuleFileNameA
SetFileTime
GetFileAttributesExA
GetStartupInfoA
GetModuleHandleA
WinExec
CreateProcessA
CreateFileA
WaitForSingleObject
TerminateProcess
CloseHandle
LoadLibraryA
GetProcAddress
Sleep
FreeLibrary
WideCharToMultiByte
GetVersionExA

user32

PostMessageA
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
DefWindowProcA
PostQuitMessage
ShowWindow
CreateWindowExA
RegisterClassExA
DispatchMessageA
GetDesktopWindow
TranslateMessage
RegisterWindowMessageA
SendMessageTimeoutA
EnumWindows
GetMessageA

advapi32

LookupAccountNameA
DeleteService
OpenServiceA
StartServiceA
OpenSCManagerA
CreateServiceA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
ConvertSidToStringSidA
GetUserNameA
CloseServiceHandle

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoUninitialize

oleaut32

SysFreeString
VariantClear

msvcrt

_access
_strlwr
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
time
srand
_stricmp
rand
fclose
fflush
fwrite
fopen
wcslen
atoi
strchr
strstr
__CxxFrameHandler
sprintf

shlwapi

SHSetValueA
SHGetValueA

dbghelp

ImageNtHeader

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

odata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ndata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f52ebf3de8fbdb3b3fb1cee22eb22d95

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcrt

shlwapi

dbghelp

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 124KB - Virtual size: 121KB

qdata Size: 4KB - Virtual size: 4B

pdata Size: 4KB - Virtual size: 4B

odata Size: 4KB - Virtual size: 4B

ndata Size: 4KB - Virtual size: 4B

mdata Size: 4KB - Virtual size: 4B

edata Size: 4KB - Virtual size: 4B

cdata Size: 4KB - Virtual size: 4B

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 124KB - Virtual size: 121KB

qdata
Size: 4KB - Virtual size: 4B

pdata
Size: 4KB - Virtual size: 4B

odata
Size: 4KB - Virtual size: 4B

ndata
Size: 4KB - Virtual size: 4B

mdata
Size: 4KB - Virtual size: 4B

edata
Size: 4KB - Virtual size: 4B

cdata
Size: 4KB - Virtual size: 4B

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB