a7104d50c2a14a6306cffcb1f0aca184_JaffaCakes118

General

Target

a7104d50c2a14a6306cffcb1f0aca184_JaffaCakes118
Size

44KB
MD5

a7104d50c2a14a6306cffcb1f0aca184
SHA1

7aefcfaa726c6a5c641f608189abcaa245581264
SHA256

f5eaea64f3f3d8cef4f48ded469c0895019f470b6b5b8c4f4b571f3c394c83d1
SHA512

adf50013b8bfb3900810df55f4d1aa04deb664542fa3b4c7402640ad1fd82cc0f14fa835e68b3438b9d957f7ce7a8ae26f38f872b1976336432bf42e93ced014
SSDEEP

768:Kucdya1vShjVQTnhNwy3X+igc9loEBLgneHFATt:KBShjVQTn3X+igY9g+wt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7104d50c2a14a6306cffcb1f0aca184_JaffaCakes118

Files

a7104d50c2a14a6306cffcb1f0aca184_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d11b4d86fbff67c814f59cc57d4e3aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msfext

SetAccessPriv

kernel32

LoadLibraryA
VirtualFreeEx
CloseHandle
GetExitCodeThread
WaitForSingleObject
GetProcAddress
WriteProcessMemory
GetLastError
VirtualAllocEx
GetModuleFileNameA
OpenProcess
FreeLibrary
CreateRemoteThread
SetLastError
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d11b4d86fbff67c814f59cc57d4e3aa

Headers

File Characteristics

Imports

msfext

kernel32

advapi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB