0faefb44df603d5fc5dc91af291b9ed5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0faefb44df603d5fc5dc91af291b9ed5_JaffaCakes118
Size

61KB
MD5

0faefb44df603d5fc5dc91af291b9ed5
SHA1

52aa8be0c7eaa5df54b72f4dce540ad83f9449e4
SHA256

05ac463b73d87b1bdab23c2b638c8635cc455037ffa5798542dc34e320817711
SHA512

e8f229df3ae19c0414b151c0aa27a59fe1057a664c74144c03c114b0a2d85569ad6af51962745cf333fd73274ac3532be5fc3c7a4e49e5cdfce8040eae947ad8
SSDEEP

1536:qMxRik4ATBmzHF1P72lgue+k9Z8Oqt8Wq595Ivkw:qMxR54cB2Xal2zZqaWq595Ivkw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0faefb44df603d5fc5dc91af291b9ed5_JaffaCakes118

Files

0faefb44df603d5fc5dc91af291b9ed5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7c739d1bba240d9c3a2238f30075fd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
ChangeServiceConfig2A
EqualSid
LookupAccountSidA
OpenSCManagerA
QueryServiceConfig2A
QueryServiceStatus
RegCloseKey
RegOpenKeyExA
RegisterServiceCtrlHandlerA
StartServiceA

kernel32

CloseHandle
CompareStringA
ContinueDebugEvent
CreateEventA
CreateFileA
CreateMutexA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FormatMessageA
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsA
GetFileAttributesA
GetFileTime
GetFileType
GetLastError
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetSystemTimeAsFileTime
GetThreadLocale
GetThreadTimes
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GlobalAlloc
GlobalHandle
GlobalUnlock
HeapCreate
HeapFree
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
IsValidCodePage
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LocalFree
MoveFileA
MoveFileExA
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile
ReadProcessMemory
RemoveDirectoryA
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetEnvironmentVariableA
SetFileAttributesA
SetPriorityClass
SetThreadPriority
Sleep
SuspendThread
TlsGetValue
UnhandledExceptionFilter
WaitForSingleObject
WriteConsoleA
lstrcmpiA
lstrcpyA
lstrcpynA

user32

BeginPaint
CharNextA
CharUpperA
EqualRect
FindWindowA
GetCapture
GetCursorPos
GetDC
GetDesktopWindow
GetMessageA
GetParent
GetProcessWindowStation
GetWindowPlacement
GetWindowRect
GetWindowTextLengthA
InflateRect
IsWindowVisible
LoadIconA
LoadImageA
MessageBoxA
OffsetRect
PostMessageA
RegisterClassA
RegisterClassExA
SendDlgItemMessageA
SetDlgItemInt
SetTimer
SystemParametersInfoA
UpdateWindow

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

sguvg
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

kkusv
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7c739d1bba240d9c3a2238f30075fd0

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 24KB - Virtual size: 24KB

.bss Size: 14KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

sguvg Size: 1KB - Virtual size: 4KB

kkusv Size: 1024B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.bss
Size: 14KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

sguvg
Size: 1KB - Virtual size: 4KB

kkusv
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB