a6f7efd738d394c01d0bc1813561ef51_JaffaCakes118

General

Target

a6f7efd738d394c01d0bc1813561ef51_JaffaCakes118
Size

150KB
MD5

a6f7efd738d394c01d0bc1813561ef51
SHA1

a62638b096dfd93cc2e3b4deda871e7f9e94e095
SHA256

bf1ca129721379685bed54a185b747099bb4d1236789413c48866f3a1826bc1e
SHA512

2e19338f68d3e33cbeff32e6c3b977850bb06de0fefb8505d67cc6e2855e5e6be1d2f5f3e514423f4df16467638ed58de18887177e443002c697957c86737033
SSDEEP

3072:V9D+o4w4MTbml9GRddKupFa8pnoX/BsPo:zG0ycRSolol

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6f7efd738d394c01d0bc1813561ef51_JaffaCakes118

Files

a6f7efd738d394c01d0bc1813561ef51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2374ae76ec370509237a8d248540efb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetWindowsDirectoryA
GetModuleFileNameA
GetTempPathA
Sleep
CreateFileMappingA
RtlUnwind
GetTickCount
CopyFileA
MoveFileExA
SetCurrentDirectoryA
GetStringTypeW
GetStringTypeA
GlobalAlloc
LoadLibraryExA
GlobalFree
FreeLibrary
MapViewOfFile
CreateFileA
TerminateProcess
WriteFile
CloseHandle
MultiByteToWideChar
GetLastError
GetCurrentProcess
LoadLibraryA
GetProcAddress
CreateToolhelp32Snapshot
Process32Next
OpenProcess
MoveFileA
lstrlenA
SetFilePointer
HeapFree
ReadFile
HeapAlloc
GetProcessHeap
GetFileSize
SetFileTime
GetFileTime
GetSystemDirectoryA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
lstrcmpiA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

gdi32

MoveToEx
LineTo
GetPixel

user32

DispatchMessageA
wsprintfA
CharLowerBuffA
GetDesktopWindow
GetDC
PeekMessageA

advapi32

RegCreateKeyA
OpenSCManagerA
CreateServiceA
StartServiceA
CloseServiceHandle
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
OpenProcessToken
RegOpenKeyExA
RegCloseKey
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2374ae76ec370509237a8d248540efb0

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

user32

advapi32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 47KB - Virtual size: 49KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 47KB - Virtual size: 49KB