f9c7263fe0b46e209548a0cf0d812da8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9c7263fe0b46e209548a0cf0d812da8_JaffaCakes118
Size

157KB
MD5

f9c7263fe0b46e209548a0cf0d812da8
SHA1

8d3454a538eae5cab6d32e735acce5c97ba5bd35
SHA256

6328bcda2bd6a00930ba5f35c89e0d2690d865ee637e5f6eabb43fa18578d414
SHA512

ac1e01d40dc976ddd1e34a2d9af612b3e81e88fedaf03f32d11ce7e5d5eae517526697baa3f9e85d74b889b68988f776799b3ab3016748f68773f049c459ad18
SSDEEP

3072:7lyEizJb8KHP775QlhMB33+cgclHuSXfDzlJYUegd4x0rPj/5cta:7lUF4Kz75yk33+PquqjhD4xML/5cQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9c7263fe0b46e209548a0cf0d812da8_JaffaCakes118

Files

f9c7263fe0b46e209548a0cf0d812da8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c3573b92c115096f2ced28522398166

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetFileAttributesA
lstrcmpA
FreeLibrary
LoadLibraryA
ReadFile
SetFilePointer
GetModuleFileNameA
GetLocalTime
SetUnhandledExceptionFilter
lstrcmpiA
ReleaseMutex
CreateMutexA
GetCommandLineA
GetCurrentThreadId
VirtualProtect
GetLocaleInfoA
SetStdHandle
GetStringTypeW
GetStringTypeA
lstrcpyA
GetTempPathA
GetTickCount
FindResourceA
LoadResource
CreateFileA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SizeofResource
WriteFile
Process32Next
lstrlenA
CloseHandle
FreeResource
MoveFileA
SetFileAttributesA
DeleteFileA
GetSystemDirectoryA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
lstrcatA
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
GetModuleHandleA
GetProcAddress
OpenProcess
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Sleep
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
RtlUnwind
RaiseException
GetStartupInfoA
GetVersionExA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCurrentProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
FlushFileBuffers
GetSystemInfo

user32

PostThreadMessageA
GetMessageA
wsprintfA
GetInputState

advapi32

GetLengthSid
OpenServiceA
ControlService
StartServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
GetUserNameA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
AllocateAndInitializeSid
RegSetKeySecurity
FreeSid
LookupAccountNameA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
InitializeAcl
GetAce
EqualSid
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetFileSecurityA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

netapi32

NetUserGetLocalGroups
NetApiBufferFree

Exports

Exports

JustTempFun

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c3573b92c115096f2ced28522398166

Headers

File Characteristics

Imports

kernel32

user32

advapi32

netapi32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 48KB - Virtual size: 47KB

.rsrc
Size: 108KB - Virtual size: 108KB