df6b155656bc13fe2fe4123e9895331c_JaffaCakes118

General

Target

df6b155656bc13fe2fe4123e9895331c_JaffaCakes118
Size

68KB
MD5

df6b155656bc13fe2fe4123e9895331c
SHA1

27512a678dbc6fde5b82ff2a14f3a59d7dcc587a
SHA256

483b111e1fe3cb64b5433a0bef2370d73ba315f9b858a2c513f12f887329e88b
SHA512

5860fdffc10e6af04563df7d17873b741cd2b6780f87e5e607d5f96630c5374cf8cc27ec2f4097891157b7eefd4c418c1c415a0c7389eb5453623116b1840596
SSDEEP

768:Afn+IOXpA/JMI5/St6BdKROFxrzuDW4pdoClIvHdsSh+XnFIE:Afn+pWStgd+YVSDWIl4sSeFIE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df6b155656bc13fe2fe4123e9895331c_JaffaCakes118

Files

df6b155656bc13fe2fe4123e9895331c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8836747c29357abad0b926618072034d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetSystemDirectoryA
CloseHandle
DeleteFileA
GetWindowsDirectoryA
DeviceIoControl
FindResourceA
LoadResource
SizeofResource
CreateFileA
LockResource
CompareStringW
CompareStringA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA

advapi32

StartServiceA
OpenServiceA
DeleteService
CreateServiceA
OpenSCManagerA
CloseServiceHandle
ControlService

shell32

ShellExecuteA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8836747c29357abad0b926618072034d

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 20KB - Virtual size: 16KB