f0a887d4e345b2ae991952a157dead62_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f0a887d4e345b2ae991952a157dead62_JaffaCakes118
Size

73KB
MD5

f0a887d4e345b2ae991952a157dead62
SHA1

21cb875e0b74a8a6f7a1e4d80c63822f80ee5561
SHA256

234c93f17a0d88bf41d8b4050e968492f16aa3ce083685c50ddfbe4034e526e4
SHA512

32d56f7df02ee05c6de3158679fc26c16b951c2b4d37ace2676c3c38212dcb6416511da630efb52b6c9fd7d5e71cb831b5caaabbdab162817086c8351e4591a3
SSDEEP

1536:eA5SLyJlVqoX6fQ91KWKysoJZFpq9SBSmuMAVLWAfGV/hp2p0Lk2YkH:eA5S+JlVNXQyHHzq9IuMmWAuFhQuWkH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0a887d4e345b2ae991952a157dead62_JaffaCakes118

Files

f0a887d4e345b2ae991952a157dead62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cb357dc9a69059baa2a0a6539fadb92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeleteService
EqualSid
OpenProcessToken
RegCloseKey
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
UnlockServiceDatabase

kernel32

AddAtomA
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteAtom
DeleteCriticalSection
DuplicateHandle
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FreeEnvironmentStringsA
FreeLibrary
GetCommandLineA
GetComputerNameA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStringsA
GetExitCodeProcess
GetFileSize
GetFileTime
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStringTypeA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempFileNameA
GetThreadTimes
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
GlobalFree
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsBadCodePtr
IsBadWritePtr
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LeaveCriticalSection
LoadLibraryExA
LocalAlloc
Module32First
MoveFileA
QueryPerformanceCounter
RaiseException
RemoveDirectoryA
ResetEvent
SetErrorMode
SetFileAttributesA
SetLastError
SetPriorityClass
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsSetValue
VirtualAlloc
VirtualQuery
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

ole32

CoGetMalloc
CoInitializeEx
CoRevokeClassObject
OleRegGetMiscStatus
StringFromCLSID

user32

CharPrevA
DispatchMessageA
EnableMenuItem
GetClassNameA
GetDlgItemTextA
GetForegroundWindow
GetParent
GetSysColorBrush
GetWindowLongA
GetWindowPlacement
GetWindowThreadProcessId
IntersectRect
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadCursorA
LoadImageA
LoadStringA
MessageBeep
MessageBoxA
OffsetRect
SendDlgItemMessageA
SetCursor
SetDlgItemInt
SetDlgItemTextA
ShowWindow
SystemParametersInfoA
WinHelpA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

CODE
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cb357dc9a69059baa2a0a6539fadb92

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

version

Sections

CODE Size: 38KB - Virtual size: 40KB

BSS Size: - Virtual size: 12KB

CRT Size: 29KB - Virtual size: 32KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

CODE
Size: 38KB - Virtual size: 40KB

BSS
Size: - Virtual size: 12KB

CRT
Size: 29KB - Virtual size: 32KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB