019aae6df470cddcd82534e57037341b_JaffaCakes118

General

Target

019aae6df470cddcd82534e57037341b_JaffaCakes118
Size

328KB
MD5

019aae6df470cddcd82534e57037341b
SHA1

3dff4a6faad3325c7600834d1a7c2c362887865b
SHA256

8dee4f6bc8513c5e9b387ea11183bb2964c2e73f7dc7a430060aaa0d4ae9b99e
SHA512

09d5c811227228a059c5ef989486b0c30ff8f51f786db1330f8e950cdcd1e608f276ea17d055ef3ceaf44d22f3f28d025e6a0312306b83dc8211232af8378d5a
SSDEEP

6144:aCHhOk2vb0Lv1Azgm4mxTg4OT/zNBv8wxvYfLQplE6R471K:aCBONvb075m4aM4OT77VlYDQplE6ip

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
019aae6df470cddcd82534e57037341b_JaffaCakes118

Files

019aae6df470cddcd82534e57037341b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

580fc9c0d3bae57f4579fe0645021bc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

LPSAFEARRAY_UserMarshal
VarCat

advapi32

GetServiceDisplayNameA
SetNamedSecurityInfoA
BuildTrusteeWithNameA
SetServiceStatus
BuildImpersonateTrusteeA
GetFileSecurityA

msvcrt

_onexit
__dllonexit
_wgetcwd
_execve
__getmainargs
_commit
_acmdln
__set_app_type
fread
_controlfp
_except_handler3
_initterm
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
fmod

mpr

WNetConnectionDialog1A
MultinetGetConnectionPerformanceA
WNetAddConnectionA
WNetCancelConnectionA
WNetDisconnectDialog

version

VerQueryValueW
VerInstallFileW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerInstallFileA
GetFileVersionInfoSizeA

user32

CreateIconFromResourceEx

mfc42

ord1088
ord4080
ord3079
ord3825
ord3831
ord3830
ord1037
ord2976
ord3081
ord2985
ord3262
ord4424
ord4465
ord3259
ord1030
ord2982
ord1044
ord5714
ord1046
ord5307
ord1065
ord1000
ord2725
ord5302
ord1004
ord1003
ord2396
ord1080
ord1089
ord3738
ord561
ord1168
ord1576
ord1081
ord815
ord6375
ord4486
ord1033
ord1010
ord5731
ord3922

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

580fc9c0d3bae57f4579fe0645021bc4

Headers

File Characteristics

Imports

oleaut32

advapi32

msvcrt

mpr

version

user32

mfc42

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 48KB - Virtual size: 2.4MB

.rsrc Size: 52KB - Virtual size: 50KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 48KB - Virtual size: 2.4MB

.rsrc
Size: 52KB - Virtual size: 50KB