da851bc9cf3b657ea8fd039e96eaea67_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

da851bc9cf3b657ea8fd039e96eaea67_JaffaCakes118
Size

223KB
MD5

da851bc9cf3b657ea8fd039e96eaea67
SHA1

17bc83fef2571897ab956a2b1b084211b7b0b284
SHA256

783c8bef7f1249da9b586d13050fff141fad1c9b658b826ceed4ea02bed9c0ca
SHA512

660d6698c9b73c68e0dfc1bf94244086f6d8d4b650deab3f5ffc2b0a37a8ba23074bef44672c61886ce0c66ed2a3def65cc8c695775b52f405f5e3c5db372f7c
SSDEEP

6144:/89RJoP9SZKSUbJZK3H74VL0hOFm9Hr1Im75nQJL:/CRi9SZKSUbJZK3H74VL0hOarMJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da851bc9cf3b657ea8fd039e96eaea67_JaffaCakes118

Files

da851bc9cf3b657ea8fd039e96eaea67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34f8f6f48beca22461e1f9592f52f8c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetShareDel
NetShareAdd

kernel32

FileTimeToLocalFileTime
FindFirstFileA
TerminateProcess
OpenProcess
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
MultiByteToWideChar
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
LockResource
SizeofResource
FileTimeToSystemTime
FindResourceA
GetModuleHandleA
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
CreatePipe
DeleteFileA
ExpandEnvironmentStringsA
GetDiskFreeSpaceExA
GetModuleFileNameA
SetEndOfFile
ReadFile
CreateFileA
GetFileAttributesA
FindNextFileA
GetLastError
FindClose
SetCurrentDirectoryA
Sleep
AllocConsole
GetStdHandle
SetConsoleCtrlHandler
GetVersionExA
SetEnvironmentVariableA
GetCurrentDirectoryA
LoadResource
GetStringTypeW
GetStringTypeA
HeapFree
HeapAlloc
SetStdHandle
GetFileType
RtlUnwind
ExitProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
WriteFile
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW

advapi32

ControlService
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
EnumServicesStatusA
DeleteService
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteA

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34f8f6f48beca22461e1f9592f52f8c4

Headers

File Characteristics

Imports

netapi32

kernel32

advapi32

shell32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 31KB

.rsrc Size: 3.7MB - Virtual size: 3.7MB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 31KB

.rsrc
Size: 3.7MB - Virtual size: 3.7MB