d33b91f135f40a165b5fb1876e3da4c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d33b91f135f40a165b5fb1876e3da4c5_JaffaCakes118
Size

147KB
MD5

d33b91f135f40a165b5fb1876e3da4c5
SHA1

287cbd68bfe734fcc0930f3cb6069eecd8bc31d1
SHA256

78ddfb011c043d9db4aec93699db07c25d4e51733655a3d5ef39d2d13f9ce19a
SHA512

2a97d0de3032ae57c341ab779062969b07440d334ad1274534423a266b72d9649c99866b6e2bef7858437fe71068ca0aae78d5a6ed495ca43fabe8efdc17a698
SSDEEP

3072:K2GkaTqInlM7LB55mkNS4XrFyu7RxIQCly9pWeO7G:K2zamIy7LB55muS4J7RxIYc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d33b91f135f40a165b5fb1876e3da4c5_JaffaCakes118

Files

d33b91f135f40a165b5fb1876e3da4c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d08ae8a799192e5040cfe88d5e75c06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
SetFileTime
GetFileTime
CreateFileA
SetFileAttributesA
Sleep
GetSystemWindowsDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
CopyFileA
FindFirstFileA
CreateProcessA
WriteFile
SetLastError
FormatMessageA
LocalFree
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetLastError
MoveFileExA
DeleteFileA
GetVersion
FreeLibrary
GetProcAddress
OpenProcess
CreateRemoteThread
WaitForSingleObject
CloseHandle
LoadLibraryA
FindClose
QueryPerformanceCounter
InterlockedExchange
RtlUnwind
VirtualQuery
GetSystemInfo
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetACP
GetOEMCP
GetCPInfo
LCMapStringA
WideCharToMultiByte
LCMapStringW
ExitProcess
TerminateProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
VirtualAlloc
HeapSize

user32

GetActiveWindow
MessageBoxA
wsprintfA

advapi32

OpenServiceA
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
StartServiceA
QueryServiceStatus
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

SHGetFolderPathA

sfc

SfcIsFileProtected

shlwapi

PathAppendA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d08ae8a799192e5040cfe88d5e75c06

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

sfc

shlwapi

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 115KB - Virtual size: 115KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 115KB - Virtual size: 115KB