b6c06d7c763dcfc6291da69a7ff75565_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b6c06d7c763dcfc6291da69a7ff75565_JaffaCakes118
Size

182KB
MD5

b6c06d7c763dcfc6291da69a7ff75565
SHA1

9136eecffcc96270086bec1eea441d2d9bd1d720
SHA256

cc2634f770c8bbc696ca7907b07eb972a497be46f4c7c47d6d8b9715d0b0d1de
SHA512

73d266720d955fbd9659e9cfc69bb9a0be389073cb1d5db2c7439f6230c01f5e11e652ab5d4c9dea8226a91d195abb747fe79894a8a75d2f568501e403c8b22b
SSDEEP

3072:ndDxj6yqyv/3jT8207ZNw8nBH7uaX0LRxVj0BChCsgkukq91W7d6ZeP1t1iArk:d1j65y/3jY207NBu+0LRxVj00EsgjkMa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6c06d7c763dcfc6291da69a7ff75565_JaffaCakes118

Files

b6c06d7c763dcfc6291da69a7ff75565_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40989f5ddfd2d1e35c21132727bb0362

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
CreateServiceA
EqualSid
GetSecurityDescriptorControl
LockServiceDatabase
OpenSCManagerA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegQueryValueA
SetSecurityDescriptorDacl

kernel32

CreateEventA
CreateFileA
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FreeLibrary
GetACP
GetCPInfo
GetConsoleOutputCP
GetCurrentProcessId
GetDateFormatA
GetEnvironmentVariableA
GetFileAttributesA
GetFullPathNameA
GetProcessHeap
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTimeFormatA
GetVersionExA
GetWindowsDirectoryA
GlobalHandle
GlobalReAlloc
HeapAlloc
HeapFree
InitializeCriticalSection
LCMapStringA
LeaveCriticalSection
LoadLibraryA
OutputDebugStringA
ReadFile
ResumeThread
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetHandleCount
SetLastError
SizeofResource
Sleep
UnhandledExceptionFilter
VirtualAlloc
WritePrivateProfileStringA
lstrcmpA
lstrcmpiA

user32

FindWindowA
GetCursorPos
GetDesktopWindow
ShowWindow

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA
VerInstallFileA
VerLanguageNameA
VerQueryValueA
VerQueryValueIndexA

Sections

.text
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DATA
Size: 47KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40989f5ddfd2d1e35c21132727bb0362

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 124KB - Virtual size: 128KB

.rdata Size: 512B - Virtual size: 4KB

.DATA Size: 47KB - Virtual size: 220KB

.data Size: 6KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 124KB - Virtual size: 128KB

.rdata
Size: 512B - Virtual size: 4KB

.DATA
Size: 47KB - Virtual size: 220KB

.data
Size: 6KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB