a96c4cd6d87dc5139804a803a4f164f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a96c4cd6d87dc5139804a803a4f164f6_JaffaCakes118
Size

68KB
MD5

a96c4cd6d87dc5139804a803a4f164f6
SHA1

58ad6607853b4f5cabdab31a129c49ba461c23bb
SHA256

d2d5c508dfb812bc2efbd3b9b9ba39d89e8655eb1c13c9db789bb17c9ba72db3
SHA512

a66e70ab2db4ecf5c74d81e02c8b7f9ed4757762ecd7cf8dcf9a7a1ccedc13cb115fc587100a9feb20c3c586ac64f15159827db93de3eb10b26cd1ce231656d8
SSDEEP

768:9KJtGz27e+LVqUTNnD6J3y033SSLB0bbqrPufjCGGqUEH/JlpYpyaD19:9K/GCoUTYJxSS+bAPufWlqpBcRD19

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a96c4cd6d87dc5139804a803a4f164f6_JaffaCakes118

Files

a96c4cd6d87dc5139804a803a4f164f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a80f1518c199db63b2dc9d8287a4dd38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
VirtualAllocEx
OpenProcess
CreateRemoteThread
GetTickCount
CreateMutexA
OutputDebugStringA
WaitForSingleObject
GetExitCodeThread
VirtualFreeEx
CopyFileA
GetLastError
GetVersionExA
DeleteFileA
MoveFileA
CreateFileA
SystemTimeToFileTime
SetFileTime
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
FreeLibrary
CloseHandle
LoadLibraryA
GetProcAddress
Sleep
GetModuleFileNameA
GetSystemTime
SetEndOfFile
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
GetFileAttributesA
RtlUnwind
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapAlloc
RaiseException
HeapFree
WriteFile
ReadFile
HeapReAlloc
HeapSize
InterlockedExchange
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr

advapi32

QueryServiceStatus
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
DeleteService
CreateServiceA
RegCreateKeyA
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeregisterEventSource
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
StartServiceA

shell32

ShellExecuteA

ole32

CoCreateGuid

netapi32

Netbios

wininet

InternetCloseHandle
InternetOpenA
InternetReadFile
HttpQueryInfoA
InternetSetOptionA
InternetOpenUrlA

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a80f1518c199db63b2dc9d8287a4dd38

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

netapi32

wininet

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 1024B

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 1024B