10fc4433c352769ec1f0009ce32ceeb4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10fc4433c352769ec1f0009ce32ceeb4_JaffaCakes118
Size

76KB
MD5

10fc4433c352769ec1f0009ce32ceeb4
SHA1

9b2d530da3d4d76d094459a9e3b94b098eb65077
SHA256

6dabd1066747c92569516f39cc214bc9d6eeb02b6eca2ddd2a42eb8ef494fb95
SHA512

c699ff776b31e513b6344c590846914e0cc387052cf1902b6896463a0809cdd547bcbdf29aa75ed05213c463bc5c3e45272792857e9c977cad6de4462a10e2d4
SSDEEP

768:JztUN/8xAl15gq4C05hrQ6CAIVDc6m/kTohwVO46x6tUo8Qa:JekmcRzEDc6m8gV1ona

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10fc4433c352769ec1f0009ce32ceeb4_JaffaCakes118

Files

10fc4433c352769ec1f0009ce32ceeb4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4615a1d5e767a2bea7276d497ff27c58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
OutputDebugStringA
GetTickCount
GetLastError
CopyFileA
GetVersionExA
CreateFileA
SystemTimeToFileTime
SetFileTime
CloseHandle
DeleteFileA
MoveFileA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
Sleep
GetModuleFileNameA
GetSystemTime
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
SetEnvironmentVariableA
GetFileAttributesA
RtlUnwind
GetTimeZoneInformation
GetLocalTime
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapFree
WriteFile
HeapAlloc
HeapReAlloc
HeapSize
ReadFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
VirtualAlloc
IsBadWritePtr
SetStdHandle
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
LCMapStringA

advapi32

RegQueryValueExA
StartServiceA
QueryServiceStatus
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
DeleteService
CreateServiceA
RegCreateKeyA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeregisterEventSource
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateGuid

netapi32

Netbios

wininet

HttpQueryInfoA
InternetOpenA
InternetOpenUrlA
InternetSetOptionA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4615a1d5e767a2bea7276d497ff27c58

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

netapi32

wininet

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 456B

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 456B