c024bb45f1e7ddbe80d2936c4d2d01c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c024bb45f1e7ddbe80d2936c4d2d01c0_JaffaCakes118
Size

89KB
MD5

c024bb45f1e7ddbe80d2936c4d2d01c0
SHA1

17462930f4fedba7287344216569a33c3cef801b
SHA256

d83cc1590615c66e1dd3e6dc3d36849f3ed48583129a12b81824ee6e89273bdf
SHA512

0df12c3316090d08624fd75ec7b848ab169c81ec828ba15fc1590e7c40741dea0c04f28e1d26f41981b1beb0b98cc9a509a078ccd2cd49ade3ea583b7c4d9208
SSDEEP

1536:yPg4jld3IgF9dvgmY5pv5kAFKcBLcBTH5eVVanaHiCVVILj5BZIrtCfLBLLN6lfu:yPVDi95N6uKcpa5Y4aCCV2j5BZIrtCf1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c024bb45f1e7ddbe80d2936c4d2d01c0_JaffaCakes118

Files

c024bb45f1e7ddbe80d2936c4d2d01c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3bac1b44f7964bd9d15da550378cffff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
LCMapStringA
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
LCMapStringW
GetStringTypeA
GetModuleHandleW
GetCommandLineW
GetVersion
Sleep
GetLastError
TerminateProcess
SetConsoleMode
ExitProcess
LocalAlloc
LocalFree
HeapFree
GetCommandLineA
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetStringTypeW

user32

CreateCaret
IsWindow
CallWindowProcW
EnableWindow
GetDlgItem
SetWindowLongW
GetScrollPos
EndPaint
GetWindow
GetParent
MapVirtualKeyA
GetKeyNameTextW
GetKeyNameTextA
GetWindowTextA
GetWindowTextLengthA
RegisterClassExA
GetClassInfoExA
AppendMenuA
CallWindowProcA
GetMessageA
GetWindowLongA
TrackPopupMenu
GetCursorPos
AppendMenuW
CreatePopupMenu
DrawFrameControl
FillRect
GetSysColorBrush
GetActiveWindow
CheckMenuRadioItem
CheckMenuItem
RegisterHotKey
UnregisterHotKey
ExitWindowsEx
RegisterWindowMessageA

advapi32

GetTokenInformation
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
CreateServiceW
DeleteService
OpenSCManagerW
CloseServiceHandle
RegDeleteKeyW
RegCreateKeyExW
QueryServiceStatus
RegOpenKeyA

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bac1b44f7964bd9d15da550378cffff

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 24KB - Virtual size: 568KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 24KB - Virtual size: 568KB

.rsrc
Size: 1KB - Virtual size: 1KB