f68d0c7f5d59fde9b0151492a48be7dc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f68d0c7f5d59fde9b0151492a48be7dc_JaffaCakes118
Size

184KB
MD5

f68d0c7f5d59fde9b0151492a48be7dc
SHA1

eda7f9bb02607021ed8b0bdc52c4e4cd30192e46
SHA256

e85de8702f562fccdee487707d10207fff8e1f182c5b618fc6c3c3e32ce11122
SHA512

4a6bc44c1c019288a87ff5b380d12b2768dc4a3cd19455797cd0737ab4675afcd84f639d31efcb5d42ec6cd5eeaaf9ea3c8fbfb3b14a05e6f58d6f8164396ee5
SSDEEP

3072:Vo+ZN+mvF4gInGoeHe0lVXpzvThNKhexcwixJfk03w+:9NxczeHDTvOQ2w6VtA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f68d0c7f5d59fde9b0151492a48be7dc_JaffaCakes118

Files

f68d0c7f5d59fde9b0151492a48be7dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8d4e1f4e631a04ee6351537fb30bb21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
SetUnhandledExceptionFilter
OpenEventA
ExpandEnvironmentStringsA
SleepEx
GetShortPathNameA
CreateEventA
WaitForSingleObject
GetModuleFileNameA
CreateFileA
WriteFile
GetFileTime
SetFileTime
MoveFileA
GetCurrentDirectoryA
GetTempPathA
GetWindowsDirectoryA
lstrcpyA
CloseHandle
SetEnvironmentVariableA
ExitProcess
GetModuleHandleA
Sleep
lstrcatA
GetSystemDirectoryA
GetTickCount
SetFileAttributesA
DeleteFileA
GetStartupInfoA
lstrlenA
GetFileAttributesA
CreateDirectoryA
GetLastError
GetCurrentProcess

msvcrt

_strrev
_strlwr
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_exit
??1type_info@@UAE@XZ
strncpy
__CxxFrameHandler
strcmp
memset
strchr
_ftol
srand
rand
_except_handler3
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
strlen
_XcptFilter
_stricmp

shlwapi

SHDeleteKeyA

user32

CharNextA
wsprintfA

advapi32

RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
StartServiceA
ChangeServiceConfigA
OpenServiceA
OpenSCManagerA
RegConnectRegistryA
ChangeServiceConfig2A
CloseServiceHandle
DeleteService
RegRestoreKeyA
RegSaveKeyA
CreateServiceA
ControlService
GetServiceDisplayNameA
GetServiceKeyNameA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8d4e1f4e631a04ee6351537fb30bb21

Headers

File Characteristics

Imports

kernel32

msvcrt

shlwapi

user32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 164KB - Virtual size: 164KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 164KB - Virtual size: 164KB

.rsrc
Size: 4KB - Virtual size: 1KB