ac864d4b4ded7fda0f12258343a53862_JaffaCakes118

General

Target

ac864d4b4ded7fda0f12258343a53862_JaffaCakes118
Size

188KB
MD5

ac864d4b4ded7fda0f12258343a53862
SHA1

642b5f97bb3df53871a87d56cb4a20cd2aee333b
SHA256

e61c0cee7f77e116c5a6d37d0a9a89d66ff0935a8d8e333112edea28adc5e139
SHA512

301c7aa538b1ea706a01c93cd04447918a9337f5dbdc39b949bea2b130e1a2c540a2dc920ff86539651b2b6f55563eec3f563a3f57f6c9f1da7be6d67f4e9929
SSDEEP

3072:rQnozbdLNvJJwOFtQoMDXX4lNUtITTKMse+SxBEGxmY0cWNbcugWmtFFYG4e0u0R:rQozJJ1vgDXInUtEKMrXRmx5JEFYG4eU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac864d4b4ded7fda0f12258343a53862_JaffaCakes118

Files

ac864d4b4ded7fda0f12258343a53862_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc03dbeecbcc714bdfad0ee4a15fe349

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
GetDesktopWindow

advapi32

GetTokenInformation
RegCloseKey
CreateServiceA
ControlService
StartServiceA
CloseServiceHandle
RegFlushKey
DeleteService

ole32

OleSaveToStream
OleRegEnumVerbs
CoSetProxyBlanket
CoMarshalInterThreadInterfaceInStream
CreateStreamOnHGlobal
CoGetClassObject

kernel32

GetLastError
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsValidCodePage
WritePrivateProfileStringA
GetPrivateProfileStringA
CopyFileA
GetConsoleOutputCP
FindClose
FileTimeToLocalFileTime
HeapReAlloc
VirtualAlloc
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
DeleteFileA
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
IsBadWritePtr

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc03dbeecbcc714bdfad0ee4a15fe349

Headers

File Characteristics

Imports

user32

advapi32

ole32

kernel32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 140KB - Virtual size: 140KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 140KB - Virtual size: 140KB