c8a06c577190d4cc9479ea92870a4ac7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c8a06c577190d4cc9479ea92870a4ac7_JaffaCakes118
Size

177KB
MD5

c8a06c577190d4cc9479ea92870a4ac7
SHA1

167d821fcd61d0fde076c299e2fa0eb4d2763f36
SHA256

8d3452d57a460ac55d1a532e4020940bb0fd250e00e1147acf7b0526d546b3ea
SHA512

6afe3ad8fc5005f97e824ab0641b12c0d0fbb1840d030f13e50dc73c2bfc5cf0168cccae0c6db459bbf65ac292a0f220598ed9cb7c5e7515e385515bc8fd1160
SSDEEP

3072:F8fVkjM8SEYXoHG/UgOiPerK+3lGN7EmemaLqzdnENsbfEtu0k:FAVvE/G/GiPCrM7qmzUsbfgu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8a06c577190d4cc9479ea92870a4ac7_JaffaCakes118

Files

c8a06c577190d4cc9479ea92870a4ac7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7a1c92dd0eeeda4125629a968c2d30d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
ControlService
CreateServiceA
GetUserNameA
OpenProcessToken
OpenSCManagerA
RegEnumValueA
RegFlushKey
RegQueryValueExA
SetServiceStatus
StartServiceA
UnlockServiceDatabase

kernel32

CloseHandle
CompareStringA
ContinueDebugEvent
CreateDirectoryA
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateToolhelp32Snapshot
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FreeEnvironmentStringsA
GetConsoleCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetDriveTypeA
GetEnvironmentStringsA
GetFileTime
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempFileNameA
GetTempPathA
GetThreadTimes
GetTickCount
GetTimeFormatA
GlobalAlloc
GlobalLock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
IsBadReadPtr
IsValidCodePage
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LocalFree
MapViewOfFile
Module32First
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadProcessMemory
SetEndOfFile
SetErrorMode
SetPriorityClass
SetThreadPriority
SuspendThread
TerminateProcess
TlsFree
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualFree
VirtualProtect
WriteConsoleA
WritePrivateProfileStringA
lstrcatA
lstrcmpiA
lstrcpyA
lstrlenA

user32

BeginPaint
CharLowerA
CharPrevA
CharUpperA
CheckMenuItem
DestroyMenu
DispatchMessageA
EnableMenuItem
GetFocus
GetParent
GetSysColorBrush
GetSystemMenu
GetWindowLongA
IsIconic
LoadCursorA
LoadIconA
LoadImageA
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
ReleaseDC
SendMessageA
SetForegroundWindow
SetMenu
SetWindowTextA
UnhookWindowsHookEx
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 116KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

oheep
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

iohoe
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7a1c92dd0eeeda4125629a968c2d30d

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 33KB - Virtual size: 36KB

.bss Size: 116KB - Virtual size: 236KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

oheep Size: 1024B - Virtual size: 4KB

iohoe Size: 1KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 36KB

.bss
Size: 116KB - Virtual size: 236KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

oheep
Size: 1024B - Virtual size: 4KB

iohoe
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 4KB