ba0627c7d7affe6a610e76e55666cd67_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba0627c7d7affe6a610e76e55666cd67_JaffaCakes118
Size

159KB
MD5

ba0627c7d7affe6a610e76e55666cd67
SHA1

12567941a9ed6c52073de3256e6a2c9415ddddd1
SHA256

bbfcaeb8f66bf1595d2d089191cdffa3e6b02a5df574be5178edc67c650184be
SHA512

ff9e214ff3981d95801614fe47651dc079579d1f4ad7eab4c408966a276dcd9bab8b3444a6d7fd435cbe28b8a0e0a46825452817db6f618f8003023623553747
SSDEEP

3072:lmodX/EsN52dUHXg1lZdmFvb7N5bZBiUdBDN2boVfkDhgYq6:ZXX5NHQfZdQ9f/pWoQ+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba0627c7d7affe6a610e76e55666cd67_JaffaCakes118

Files

ba0627c7d7affe6a610e76e55666cd67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

089e03f21d240fa0055f63ec127cbf77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CreateServiceA
DeleteService
GetTokenInformation
GetUserNameA
LookupPrivilegeValueA
QueryServiceConfig2A
QueryServiceStatus
StartServiceA

kernel32

CompareStringA
CreateDirectoryA
CreateFileA
CreateThread
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
DuplicateHandle
ExitProcess
ExitThread
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetConsoleCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStringsA
GetFileSize
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetThreadTimes
GetTimeFormatA
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
HeapDestroy
HeapFree
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsValidCodePage
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
MapViewOfFile
Module32First
Module32Next
MultiByteToWideChar
ReadFile
ReadProcessMemory
ReleaseMutex
RtlUnwind
SetFileAttributesA
SetFilePointer
SetHandleCount
SetPriorityClass
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TlsAlloc
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
lstrcmpA
lstrcmpiA

user32

CharNextA
CharPrevA
CheckDlgButton
CheckRadioButton
CreateWindowExA
EndDialog
GetActiveWindow
GetCursorPos
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetProcessWindowStation
GetSubMenu
GetSysColor
GetSystemMenu
GetWindowThreadProcessId
InvalidateRect
IsDlgButtonChecked
IsIconic
LoadStringA
MessageBeep
MessageBoxA
PostMessageA
RegisterClassA
RegisterClassExA
ReleaseDC
SendMessageA
SetDlgItemTextA
SetWindowLongA
SystemParametersInfoA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 110KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

089e03f21d240fa0055f63ec127cbf77

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 24KB - Virtual size: 28KB

.INIT Size: 110KB - Virtual size: 236KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 28KB

.INIT
Size: 110KB - Virtual size: 236KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 3KB