Static task
static1
Behavioral task
behavioral1
Sample
e0442e5d7692641b27358966b64b975c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e0442e5d7692641b27358966b64b975c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
e0442e5d7692641b27358966b64b975c_JaffaCakes118
Size
157KB
MD5
e0442e5d7692641b27358966b64b975c
SHA1
6362965adb5b99f3011d20cdcecc16560b5a7512
SHA256
5cc5e74485982065639891a212d0a3072039b54b96c53036b20977a4ffcc0eb8
SHA512
41810ae8176596b90b01dd78d72f45c2aed83f40f8123775167968ce93aeb4ded0ae13436aad34c1482158f3ca3d88de5b581dc0a54a48d0eedbff2cf67349ff
SSDEEP
3072:VUDG+QGlxu0GRiHPW7E/VWqTbb6OZyqFDsYCoUZZ+rLZt9eSrMI70xnnakwQ:VWG+QGllGRiHPcE/9X6OBWYvcgrLZPbI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e0442e5d7692641b27358966b64b975c_JaffaCakes118
Files
e0442e5d7692641b27358966b64b975c_JaffaCakes118.exe windows:4 windows x86 arch:x86
b2aafd7862040fa6f3ef20e9dfa3826a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceA
GetTempPathA
SetFileAttributesA
GetFileAttributesA
lstrcpyA
MoveFileA
lstrcmpiA
GetStartupInfoA
GetTickCount
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
WriteFile
SizeofResource
LoadResource
SetLastError
FreeResource
GetModuleHandleA
GetProcessHeap
HeapFree
HeapAlloc
GetProcAddress
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetSystemDirectoryA
lstrcatA
CreateFileA
SetFilePointer
ReadFile
GetCommandLineA
GetModuleFileNameA
CreateMutexA
lstrlenA
CloseHandle
Sleep
ReleaseMutex
GetLastError
GetCurrentThreadId
SetUnhandledExceptionFilter
DeleteFileA
user32
wsprintfA
PostThreadMessageA
GetInputState
GetMessageA
advapi32
SetSecurityDescriptorDacl
AllocateAndInitializeSid
StartServiceA
OpenServiceA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
LookupAccountNameA
GetFileSecurityA
SetFileSecurityA
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
InitializeSecurityDescriptor
AddAccessAllowedAce
GetAce
AddAce
GetAclInformation
InitializeAcl
GetLengthSid
EqualSid
GetUserNameA
RegSetKeySecurity
RegEnumKeyExA
RegEnumValueA
FreeSid
msvcrt
_acmdln
memset
strchr
strstr
??3@YAXPAX@Z
malloc
realloc
??2@YAPAXI@Z
_except_handler3
_CxxThrowException
__CxxFrameHandler
strncat
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_strnicmp
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
netapi32
NetUserGetLocalGroups
NetApiBufferFree
Sections
.text Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 1024B - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 133KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ