dbadb6fd9b0ad8dcdce616e5cbd2b1ed_JaffaCakes118

General

Target

dbadb6fd9b0ad8dcdce616e5cbd2b1ed_JaffaCakes118
Size

34KB
MD5

dbadb6fd9b0ad8dcdce616e5cbd2b1ed
SHA1

b1c1eb0639f68801da515b1ae2b1fe77819e2840
SHA256

932cc4a68166c9f1b6a32b6bec92414bfc8caf7226d69cc6bd73a13f82c7a818
SHA512

d9a6f874a723d6e0fe84312d629cf2d11b52b20a706902640435bacc691cbdd8c146b76b8b307a433904c56975380a12be1fa0101fabf39c951efa5bbe2d9b54
SSDEEP

384:nZU+fztUmTIzmi/h1MVm6yNqKMdiqmD5MFAL0TT5ZgNt+eC6Vq77uQluoxmg:nZ7xPINP1SYD5rmgSeQfuQYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbadb6fd9b0ad8dcdce616e5cbd2b1ed_JaffaCakes118

Files

dbadb6fd9b0ad8dcdce616e5cbd2b1ed_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7f0dfd7e2ecd6d50f1227a3a57718fff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
HeapFree
GetProcessHeap
MapViewOfFile
CreateFileMappingA
HeapAlloc
CreateMutexA
SetUnhandledExceptionFilter
FreeConsole
GetCurrentThreadId
RaiseException
SetLastError
GetModuleFileNameA
SetFilePointer
ReadFile
CreateFileA
LocalAlloc
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcatA
lstrlenA
Sleep
InterlockedExchange
lstrcpyA
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle

user32

SetProcessWindowStation
OpenWindowStationA
GetProcessWindowStation
wsprintfA
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
CloseDesktop

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegEnumValueA
RegEnumKeyExA

msvcrt

_strnicmp
_beginthreadex
_strrev
??1type_info@@UAE@XZ
wcstombs
strncat
strncpy
_except_handler3
strchr
_CxxThrowException
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z

Exports

Exports

ServiceMain
aaaaaa
bbbbbbbbbbb

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f0dfd7e2ecd6d50f1227a3a57718fff

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 27KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 27KB - Virtual size: 27KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 4KB - Virtual size: 4KB