bd3813b98ff4ea97d99deaf930e1b2a2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bd3813b98ff4ea97d99deaf930e1b2a2_JaffaCakes118
Size

70KB
MD5

bd3813b98ff4ea97d99deaf930e1b2a2
SHA1

12a5f73bb80f7dd3f0e101b3d5bbb37d52d5087b
SHA256

06a13a32abc56e64fd1ff39308e620f3fdd317a40ee164cf393b6a4ef26227ef
SHA512

eca985db9f5bfe35863a5a06896c1e3cd2688d363d54a79b20dcc3778f9c45d4c85203be1a37e3bb877cf6c4b29bbd00eb92ca995eb16186f7f661c7610ee7e8
SSDEEP

768:JvaMmL4x3TNJsv3qbkm2QBXCO257Tg54OtsMtbwPqQ78/NoZzAa7D57ap85nVk+:FuokLr57TCHFwiQ78lolAa7tamk+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd3813b98ff4ea97d99deaf930e1b2a2_JaffaCakes118

Files

bd3813b98ff4ea97d99deaf930e1b2a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8d9086770d52af16d3705dd3ac9f0a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfig2A
ControlService
FreeSid
LookupAccountSidA
LookupPrivilegeValueA
OpenProcessToken
QueryServiceStatus
RegCreateKeyExA
RegEnumValueA
RegSetValueExA

kernel32

AddAtomA
CloseHandle
CompareStringA
ContinueDebugEvent
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
DisableThreadLibraryCalls
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FindClose
FreeLibrary
GetACP
GetCommandLineA
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetOEMCP
GetProcessHeap
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalFree
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
IsValidCodePage
LoadLibraryA
LoadResource
LocalFree
Module32Next
MulDiv
MultiByteToWideChar
OpenEventA
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetHandleCount
SetLastError
SetStdHandle
Sleep
SuspendThread
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualQuery
WaitForSingleObject
lstrcmpiA
lstrcpyA

user32

CheckMenuItem
CopyRect
CreateWindowExA
DialogBoxParamA
EnableWindow
GetClassNameA
GetClientRect
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetMenuItemCount
GetMessageA
GetParent
GetSysColorBrush
GetWindowRect
GetWindowTextLengthA
InvalidateRect
IsWindow
LoadIconA
MessageBoxA
PostQuitMessage
PtInRect
RegisterWindowMessageA
ScreenToClient
SendDlgItemMessageA
SetCapture
SetDlgItemInt
TrackPopupMenu
UnhookWindowsHookEx

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

vpdcr
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

bmnvc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8d9086770d52af16d3705dd3ac9f0a4

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 32KB - Virtual size: 36KB

.bss Size: 14KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

vpdcr Size: 1KB - Virtual size: 4KB

bmnvc Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 36KB

.bss
Size: 14KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

vpdcr
Size: 1KB - Virtual size: 4KB

bmnvc
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB