fe0c73db3ffc3d68cb03639e21d5a4a8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fe0c73db3ffc3d68cb03639e21d5a4a8_JaffaCakes118
Size

220KB
MD5

fe0c73db3ffc3d68cb03639e21d5a4a8
SHA1

11006fe171f35bbaf6d165f024dea83337046082
SHA256

9d52602a19c8cefa45bb27b1035164e669b06a243e077b1a76d02943d12d2ffe
SHA512

0f7b89d7559adb9799ee7f245049532bf929a194f627938e97a1f02088824f7e0254cb56a8fa8b98884426f7dd5e7eab70317e82f34d2a64dc07950b3e698df4
SSDEEP

3072:++5ePIFBWOcdQbD4jtlFg4Oov9tX0FBEAMg8s4Y75zx0EPn:++5PFsfSbDimov0Ul0575zxdf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe0c73db3ffc3d68cb03639e21d5a4a8_JaffaCakes118

Files

fe0c73db3ffc3d68cb03639e21d5a4a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4abf110158de1d893c616df8110d0a42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CLSIDFromString
CoInitialize
OleInitialize
OleSetContainedObject

advapi32

SetServiceStatus
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
AllocateAndInitializeSid
FreeSid
QueryServiceStatus
OpenThreadToken
OpenServiceA
OpenSCManagerA
LookupPrivilegeValueW
GetTokenInformation
DeleteService
CreateServiceA
SetSecurityDescriptorDacl
SetEntriesInAclA
RegisterServiceCtrlHandlerA
RegSetValueExA
RegEnumKeyA
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
OpenProcessToken

sti

StiCreateInstanceW

usp10

ScriptFreeCache
ScriptGetGlyphABCWidth
ScriptApplyLogicalWidth
ScriptStringGetLogicalWidths
ScriptStringValidate
ScriptItemize
ScriptCacheGetHeight

kernel32

GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapFree
GetTimeZoneInformation
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
ReadFile
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
RemoveDirectoryA
TlsAlloc
GetProfileStringW
lstrlenA
GetWindowsDirectoryA
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
FatalAppExitA
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetFilePointer
FlushFileBuffers
CloseHandle
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
IsBadReadPtr
IsBadCodePtr
GetACP

Exports

Exports

Uqypyzo
Uru

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 771KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4abf110158de1d893c616df8110d0a42

Headers

File Characteristics

Imports

ole32

advapi32

sti

usp10

kernel32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 104KB - Virtual size: 771KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 104KB - Virtual size: 771KB

.reloc
Size: 8KB - Virtual size: 7KB