bc10f4124e1fa05a45646dbd335b3b7c_JaffaCakes118

General

Target

bc10f4124e1fa05a45646dbd335b3b7c_JaffaCakes118
Size

176KB
MD5

bc10f4124e1fa05a45646dbd335b3b7c
SHA1

3c29d75fe4d3106fca565b2a477ac749dc23b51c
SHA256

a98f04ae920747254aa9b9625e64239070e71b23ad491b5e5b61c21d9a0ea45e
SHA512

e4c177afdeb1e56e434e54fab037f3798a650c5b8d47333d327c57a8252a7fa43ce04b9b7491ec41b120e3f839530add0c7534d454c95420b2b8602fd3a7171a
SSDEEP

3072:XICUt/aXFufotc6fx7LhlX+OGRiw15VxUifbuKnqloLx:xqcFxtckREz5jDfbuKnqi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc10f4124e1fa05a45646dbd335b3b7c_JaffaCakes118

Files

bc10f4124e1fa05a45646dbd335b3b7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3df2fe8a80257bdd9f544742865d1055

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
MoveFileExA
CloseHandle
MoveFileA
DeleteFileA
WinExec
CopyFileA
GetWindowsDirectoryA
GetCurrentProcess
HeapFree
GetProcessHeap
GetLastError
GetTempPathA
GetModuleHandleA
GetLocalTime
GetTickCount
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
WriteFile
Process32Next
LoadLibraryA
GetProcAddress
GetModuleFileNameA
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
GetStringTypeA
LCMapStringW
LCMapStringA
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
GetFileAttributesA
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
ReadFile
GetStringTypeW

advapi32

ChangeServiceConfigA
LockServiceDatabase
UnlockServiceDatabase
ControlService
RegCreateKeyA
StartServiceA
RegOpenKeyA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
GetUserNameA

netapi32

NetApiBufferFree
NetUserGetLocalGroups

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3df2fe8a80257bdd9f544742865d1055

Headers

File Characteristics

Imports

kernel32

advapi32

netapi32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 120KB - Virtual size: 118KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 120KB - Virtual size: 118KB