de076b9762b97fdeabf8258ab4f6890f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de076b9762b97fdeabf8258ab4f6890f_JaffaCakes118
Size

44KB
MD5

de076b9762b97fdeabf8258ab4f6890f
SHA1

659bbda9f58be9c5c62b437545bef701ffc22a16
SHA256

3577e546d1acc1956cf64efa9b21ae84cdb0df93e14ad2c5d1cab8e11992f738
SHA512

69bcf9c527b3099efa140b4a245ab266e1257f1b10fa58eaea02f14d576a83d782b0334fad1e5348ceffb88c41fbe7737f8b9fc05749d5ddccb299cc441a573a
SSDEEP

768:ZP5b+bKkoxPfkYdhGDGCOQLGzeMKfBre+cR7nGjJBPB:ebroxPfk0hGEz7K5re+cR7nGXZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de076b9762b97fdeabf8258ab4f6890f_JaffaCakes118

Files

de076b9762b97fdeabf8258ab4f6890f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0d8e1290c2b34d5ec5a9862ab482f139

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

kernel32

IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
VirtualFree
CreateEventA
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetEvent
Sleep
GetModuleFileNameA
GetVersionExA
WriteFile
OpenProcess
GetModuleHandleA
CreateMutexA
CompareFileTime
GetSystemTimeAsFileTime
WaitForSingleObject
ReleaseMutex
CloseHandle
lstrcmpiA
CreateProcessA
GetLastError
IsBadCodePtr
GetProcAddress
LoadLibraryA
HeapCreate
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
HeapFree
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW

user32

LoadStringA
SetWindowTextA
PostQuitMessage
MessageBoxA
SendMessageA
CreateDialogParamA
GetDlgItem
GetMessageA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
SetWindowPos

advapi32

OpenSCManagerA
RegFlushKey
RegQueryValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
CreateServiceA
CloseServiceHandle
RegOpenKeyExA
RegSetValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
RevertToSelf
RegCloseKey

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d8e1290c2b34d5ec5a9862ab482f139

Headers

File Characteristics

Imports

psapi

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 7KB