f9bd85de2dc6c920aab809387d509300_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9bd85de2dc6c920aab809387d509300_JaffaCakes118
Size

172KB
MD5

f9bd85de2dc6c920aab809387d509300
SHA1

aa118dae16dca8a3d5d82c9b7341a514cd845c77
SHA256

7f04ad28dd706c345df8157da979744396c7c86c25c7eb290c66ba930289b33d
SHA512

01558656bd598b736079f688c00734f23d419d58da33ed1409bfab3054e2857e9e8d1a4311c00373c9b4f839bf9a3693a75f84ef35bf1952c670c76997322064
SSDEEP

3072:CmMgFZbD21A7c0oESQsPdN5hsFP5N8YqCI3cjvbV/95VjlNkTh56aD:tM+Dh7nnS/PH5h6xNOCU8/DVjIh56aD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9bd85de2dc6c920aab809387d509300_JaffaCakes118

Files

f9bd85de2dc6c920aab809387d509300_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fea10403e96e9453d8d8884ec26970f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
OpenProcessToken
OpenServiceA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegSetValueExA
RegisterServiceCtrlHandlerA

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
CreateToolhelp32Snapshot
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FindFirstFileA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetConsoleCP
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDriveTypeA
GetFileAttributesA
GetLastError
GetLocalTime
GetPrivateProfileSectionNamesA
GetProcAddress
GetStdHandle
GetStringTypeA
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetThreadTimes
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GlobalHandle
GlobalLock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedCompareExchange
InterlockedIncrement
IsBadReadPtr
IsBadWritePtr
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LocalFree
Module32First
MoveFileExA
MultiByteToWideChar
OpenEventA
ReadProcessMemory
RemoveDirectoryA
ResumeThread
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

user32

CopyRect
CreateWindowExA
DefWindowProcA
DialogBoxParamA
DrawIcon
EndDialog
ExitWindowsEx
FindWindowA
GetDC
GetDlgCtrlID
GetKeyState
GetMessageA
GetSystemMenu
GetWindowTextLengthA
IntersectRect
IsIconic
IsWindowVisible
KillTimer
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
MoveWindow
PostMessageA
RegisterClassA
ReleaseDC
SetRect
SetWindowLongA
SetWindowTextA
SystemParametersInfoA
TranslateMessage
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 110KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fea10403e96e9453d8d8884ec26970f5

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 24KB - Virtual size: 28KB

.INIT Size: 110KB - Virtual size: 236KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 24KB - Virtual size: 28KB

.INIT
Size: 110KB - Virtual size: 236KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 16KB - Virtual size: 15KB