ddc98735a2ffcb3c009a97c015225bff_JaffaCakes118

General

Target

ddc98735a2ffcb3c009a97c015225bff_JaffaCakes118
Size

111KB
MD5

ddc98735a2ffcb3c009a97c015225bff
SHA1

05769009a896fdd05200926819e6df43d52d0604
SHA256

86a659294152041b5fa84979846aa2eb8c38d2fbb007ee1bc549bd9b16617ac7
SHA512

260ec0d1f7fc3d79a39a61414dbbdb692bc137b19b5db0d281abf4a9c23c8b91240293036871afd1956a0aedb99919052333b16dc91c9c0983dd29da3a2db664
SSDEEP

3072:bgq32aPlZ5aMUrzPlAX5RIl2asrDnaukDBNmb:bgq32Y3sDr2PIk7ruukDy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddc98735a2ffcb3c009a97c015225bff_JaffaCakes118

Files

ddc98735a2ffcb3c009a97c015225bff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7b79b25138368ef9c2bcb308e6ced79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
lstrlenW
GetModuleFileNameA
DeleteFileW
lstrcpyA
CloseHandle
ReleaseMutex
GetLastError
CreateMutexA
ExitProcess
CreateThread
Process32NextW
GlobalFree
lstrcmpiW
Process32FirstW
CreateToolhelp32Snapshot
GetModuleFileNameW
GetModuleHandleA
LoadLibraryW
FreeResource
lstrlenA
WriteFile
SizeofResource
CreateFileW
LoadResource
FindResourceW
GetSystemDirectoryW
lstrcatW
GetTickCount
HeapFree
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualAllocEx
VirtualProtectEx
GetModuleHandleW
GetProcAddress
WriteProcessMemory
SetThreadContext
ResumeThread
TerminateProcess
CreateProcessW
GetThreadContext
ReadProcessMemory
GlobalAlloc
VirtualQueryEx

user32

SendMessageW
wsprintfA
ShowWindow
FindWindowW
DefWindowProcW
DispatchMessageW
TranslateMessage
GetMessageW
UpdateWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
LoadIconW
wsprintfW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
CreateServiceW
CloseServiceHandle
DeleteService
OpenServiceW
OpenSCManagerW
StartServiceW
ChangeServiceConfigW
RegSetValueExW

msvcrt

fread
??1type_info@@UAE@XZ
malloc
realloc
_except_handler3
??3@YAXPAX@Z
strchr
_CxxThrowException
__CxxFrameHandler
strstr
wcsstr
fopen
fclose
fseek
ftell
??2@YAPAXI@Z

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7b79b25138368ef9c2bcb308e6ced79

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 7KB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 7KB

.rsrc
Size: 98KB - Virtual size: 98KB