39119601ce46c3ae779437e56392620f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39119601ce46c3ae779437e56392620f_JaffaCakes118
Size

240KB
MD5

39119601ce46c3ae779437e56392620f
SHA1

703074fcd1132a124c2314d464c9f68860546280
SHA256

6da2d0bfd15f3a91c8b70ec6a81a686090dffb4dd7253e5424885d0ed0ef7d26
SHA512

e48ac546e4652f8df6771b5fc1516be3ca4bd114bc4ab6c670c3b8f1ac434991b9ffb6f18210cddf67eed1daab9eac6d46fa7b90c66f3378ef0fde6d45201be5
SSDEEP

6144:HsJXqc4LKWGFpJsuoN6FynSJmK6QO0m63Npo:H0nxJpocEDtQlm63Ny

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39119601ce46c3ae779437e56392620f_JaffaCakes118

Files

39119601ce46c3ae779437e56392620f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6ec99b490c4cff33bb50b04a8bfd9d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

setupapi

SetupCloseInfFile
SetupOpenInfFileA
SetupDiDestroyDeviceInfoList
SetupInstallServicesFromInfSectionA
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstallParamsA
SetupDiSetClassInstallParamsA

kernel32

GetProcessShutdownParameters
TerminateProcess
SetStdHandle
UnhandledExceptionFilter
EnterCriticalSection
GetCommandLineA
WriteFile
MultiByteToWideChar
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetVersionExA
FreeLibrary
GetModuleHandleA
DeleteCriticalSection
Sleep
FreeEnvironmentStringsW
VirtualAlloc
FindClose
GetSystemDirectoryW
GetProcAddress
CreateProcessA
GetFileSize
ExitProcess
HeapAlloc
GetStringTypeW
GetCurrentThreadId
TlsAlloc
GetExitCodeProcess
GetStartupInfoA
GetSystemDirectoryA
GetOEMCP
LoadLibraryA
GetEnvironmentStringsW
HeapCreate
HeapReAlloc
HeapDestroy
lstrcpyA
lstrlenA
FreeEnvironmentStringsA
ExitProcess
GetEnvironmentVariableA
LeaveCriticalSection
GetCPInfo
InterlockedIncrement
CloseHandle
WideCharToMultiByte
GetVersion
LCMapStringA
InitializeCriticalSection
SetLastError
TlsGetValue
VirtualFree
RtlUnwind
GetFileType
GetCurrentProcess
GetStringTypeA
SetFilePointer
FindFirstFileA
DeleteFileA
HeapFree
GetModuleFileNameA
GetLastError
GetACP
InterlockedDecrement
LCMapStringW
TlsSetValue
GetWindowsDirectoryA
WaitForSingleObject
lstrcmpiA
FlushFileBuffers

user32

wsprintfA
EnumWindowStationsA
wsprintfW

advapi32

CreateServiceA
DeleteService
OpenServiceA
RegFlushKey
QueryServiceStatus
RegOpenKeyA
ControlService
OpenSCManagerA
QueryServiceConfigA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
StartServiceA
CloseServiceHandle
RegCloseKey

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.strings
Size: 5KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6ec99b490c4cff33bb50b04a8bfd9d9

Headers

File Characteristics

Imports

setupapi

kernel32

user32

advapi32

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 118KB - Virtual size: 117KB

.strings Size: 5KB - Virtual size: 137KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 118KB - Virtual size: 117KB

.strings
Size: 5KB - Virtual size: 137KB