123558ecd0eaf73e7e6ad6b9c5c1e07c_JaffaCakes118

General

Target

123558ecd0eaf73e7e6ad6b9c5c1e07c_JaffaCakes118
Size

152KB
MD5

123558ecd0eaf73e7e6ad6b9c5c1e07c
SHA1

ceb02552d1a8c21df220c93a510c81f1e73cd535
SHA256

9d602db06f9ccf82b990ea200c0e1ce942d523e8c09423e3fe29f3ca667c1dca
SHA512

f6ef76654162ab0396c96cdca7a17b8c470994d109465ba3562007e150c6701acfa82ff4b2732ea22917860035ba0f1c3e7f161c8302405c8dc55a0e1048cc8c
SSDEEP

1536:m+ZQdrRBYD9LaqtiwdNid7l3c84oSvC/U:fydr0DhpiwG7lgoSac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
123558ecd0eaf73e7e6ad6b9c5c1e07c_JaffaCakes118

Files

123558ecd0eaf73e7e6ad6b9c5c1e07c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

516954bbe4aa77378999ac8bec567686

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
FormatMessageA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
SetHandleCount
GetFileType
GetStartupInfoA
IsBadWritePtr
IsBadReadPtr
HeapValidate
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
GetLastError
SetConsoleCtrlHandler
HeapAlloc
HeapReAlloc
VirtualAlloc
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
CloseHandle
SetStdHandle
LCMapStringA
LCMapStringW

advapi32

StartServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
OpenServiceA
DeleteService
ControlService

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

516954bbe4aa77378999ac8bec567686

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 13KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 13KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB