fa1168c6e807d9fb8bfcab9a8a2d81bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa1168c6e807d9fb8bfcab9a8a2d81bc_JaffaCakes118
Size

625KB
MD5

fa1168c6e807d9fb8bfcab9a8a2d81bc
SHA1

9f30d76332beda2333352bf161f9daf7b5e9d27a
SHA256

7fcdefa84266b6104a1c2e8af4e1df603fe7d14c2002e253fbaf4ce689c645ea
SHA512

699e14cffe4009d0fb6f1353da598cb9ae53e4b45c27855e35a673db74e9468f3c765298676d8285205b667576bc58bf5cd4210c2a6dddd1c48fe9a63d4c246b
SSDEEP

6144:I85PWKK1EcJlKdUAY0Dk0bVXbGADqc7bEbGqlsvu++VR/UFd+6i43PHHy5h4mt/O:rD+qmJ0DF8Tbsu+aRp5h40XbT8RWA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa1168c6e807d9fb8bfcab9a8a2d81bc_JaffaCakes118

Files

fa1168c6e807d9fb8bfcab9a8a2d81bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

103244aec79376e6778971e78b614aa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
FindNextFileW
LoadLibraryW
GetModuleFileNameW
DisableThreadLibraryCalls
GetLastError
ExpandEnvironmentStringsW
GetSystemInfo
FindClose
FindFirstFileW
GetFileAttributesW
OutputDebugStringA
InterlockedCompareExchange
UnmapViewOfFile
CloseHandle
InterlockedDecrement
InterlockedIncrement
LocalAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForMultipleObjects
MulDiv
ReleaseMutex
FreeLibrary
CreateThread
CreateEventW
CreateFileW
EnterCriticalSection
LocalReAlloc
LocalFree
WaitForSingleObject
GetModuleHandleA
InterlockedExchange
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
VirtualProtect
GetVersion
GetCommandLineA
LeaveCriticalSection
GetStartupInfoA

user32

LoadStringW
wsprintfW
wvsprintfW

advapi32

OpenServiceW
CreateServiceW
OpenSCManagerW
StartServiceW
QueryServiceStatus
RegCloseKey
DeleteService
RegOpenKeyA
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
ControlService
RegOpenKeyExW
RegQueryValueExW
CloseServiceHandle

ole32

CoCreateInstance
CoGetClassObject

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
localtime
time
_except_handler3
_amsg_exit
_initterm
free
memset
memcpy
_wcsicmp
wcstombs
_adjust_fdiv
malloc
_CxxThrowException
wcslen
wcschr
wcscpy
wcsrchr
wcscat
swprintf
_wtoi
_fileno
__pioinfo
__badioinfo
realloc
iswctype
wctomb
localeconv
isxdigit
__mb_cur_max
mbtowc
isdigit
_onexit
_lock
__dllonexit
_unlock
_errno
__CxxFrameHandler
memmove
strncmp
_finite
_XcptFilter
_exit
exit
_acmdln
__getmainargs
__setusermatherr

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 222KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

103244aec79376e6778971e78b614aa3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 257KB - Virtual size: 256KB

.data Size: 1024B - Virtual size: 254KB

.rsrc Size: 222KB - Virtual size: 224KB

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 257KB - Virtual size: 256KB

.data
Size: 1024B - Virtual size: 254KB

.rsrc
Size: 222KB - Virtual size: 224KB