dd09a9acad6f8c0cf1432811c29f2945_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dd09a9acad6f8c0cf1432811c29f2945_JaffaCakes118
Size

76KB
MD5

dd09a9acad6f8c0cf1432811c29f2945
SHA1

f6c98a7ed2a3643308a22f2e284890851ba0f240
SHA256

512e18154baf7b39a099bf8735c3632c9ee9c2e4c994de3443e4cf1d6e168a7c
SHA512

b5c6500349e2a02a5e555d705b82075ed2a0239523ba1084c78017d334d6b195b48cef2a128c4814f6ba293c9b737c997bc072a567b1d053dee67cb8031e09fc
SSDEEP

1536:rYPBP264t4S9SqOkk2uRZ7rKT5EJHmgtPg7:rYPs7t4SVOkkfnrKT5EJGgtI7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd09a9acad6f8c0cf1432811c29f2945_JaffaCakes118

Files

dd09a9acad6f8c0cf1432811c29f2945_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d80086333bd96a995992c6c154091890

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
DeleteFileA
lstrcatA
OutputDebugStringA
GetCurrentProcessId
GetCurrentThreadId
GetShortPathNameA
lstrcmpA
CreateProcessA
GetVersionExA
GetProcAddress
GetModuleHandleA
WriteFile
GetFileAttributesExA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetFilePointer
CreateDirectoryA
GetLocalTime
FreeLibrary
LoadLibraryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
MoveFileA
ResetEvent
GetTickCount
Sleep
CloseHandle
GetLastError
SetEvent
lstrcpyA
GetModuleFileNameA
CreateEventA
CreateThread
WaitForSingleObject
TerminateThread
lstrcmpiA
ExpandEnvironmentStringsA
lstrlenA
SetStdHandle
SetConsoleCtrlHandler
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
GetTimeZoneInformation
GetSystemTime
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

wvsprintfA
wsprintfA

advapi32

RegEnumKeyA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey
EnumServicesStatusA
OpenServiceA
QueryServiceStatus
CreateServiceA
OpenSCManagerA
ChangeServiceConfig2A
CloseServiceHandle
StartServiceCtrlDispatcherA
RegOpenKeyExA

shell32

SHGetFileInfoA
ShellExecuteA

wininet

HttpQueryInfoA
InternetSetOptionA
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shlwapi

SHDeleteKeyA
SHDeleteValueA

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d80086333bd96a995992c6c154091890

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

version

shlwapi

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 1KB