d508fe7bafcf77e02eb3e5cbe4072ab0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d508fe7bafcf77e02eb3e5cbe4072ab0_JaffaCakes118
Size

360KB
MD5

d508fe7bafcf77e02eb3e5cbe4072ab0
SHA1

33a9d9cfae9b77f248a0998605198f619bf9b461
SHA256

c54c745128b45b5e8adc853c6776a99491b6cbef8b490021afd6b94063640f5c
SHA512

2ebf8cf08d95fd9f61f021ac5b61cda90cbd15a6a9a5638c2629b30e9fe86a3e2416922e102c0801a08eec05b2309105c2191aa7318f7d1f68789ced628d4db3
SSDEEP

6144:uh8ko1egwFZR8iu4gtIWNO2uu4gtIX9+SQa8xTjkxTgUuWgu8hq5Fe/Fl6Stat:uOj1zgZSiijUia9ZQaikTg3ee/b6iat

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d508fe7bafcf77e02eb3e5cbe4072ab0_JaffaCakes118

Files

d508fe7bafcf77e02eb3e5cbe4072ab0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d40ba1539cbc3960d74116b7a0bc6f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetPriorityClass
CreateProcessA
GetShortPathNameA
GetEnvironmentVariableA
GetModuleFileNameA
MultiByteToWideChar
GetVersionExA
WritePrivateProfileStringA
GetWindowsDirectoryA
GetCurrentThreadId
SetFileAttributesA
CreateFileMappingA
CompareStringW
CompareStringA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
ResumeThread
FindNextFileA
GetTempPathA
GetCurrentProcess
lstrcatA
SystemTimeToFileTime
lstrcpyA
FindFirstFileA
GetLastError
FindClose
HeapFree
UnmapViewOfFile
GetTickCount
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
Sleep
GlobalFree
FreeResource
ExitProcess
lstrlenA
CreateFileA
WriteFile
CloseHandle
LoadLibraryA
GetProcAddress
MapViewOfFile
HeapReAlloc
HeapAlloc
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapDestroy
HeapCreate
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
SetEnvironmentVariableA

user32

PostThreadMessageA
GetMessageA
IsCharAlphaNumericA
MessageBoxA
wsprintfA
GetInputState

advapi32

RegEnumValueA
RegCreateKeyA
ControlService
StartServiceA
OpenServiceA
ChangeServiceConfigA
OpenSCManagerA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegCloseKey
FreeSid

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d40ba1539cbc3960d74116b7a0bc6f2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 120KB - Virtual size: 124KB

.rsrc Size: 152KB - Virtual size: 150KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 120KB - Virtual size: 124KB

.rsrc
Size: 152KB - Virtual size: 150KB