39e72dfd8e87b5004ff18d8e1f762f06_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39e72dfd8e87b5004ff18d8e1f762f06_JaffaCakes118
Size

1.1MB
MD5

39e72dfd8e87b5004ff18d8e1f762f06
SHA1

ae30d94758f48f2a9583584d5eb9f63160262278
SHA256

b2cf2bba2beb4a1647efe17183dd77815a43456e2f82beedc48c5dd4243af7b5
SHA512

eaa5fa69c7a5a376660146f4d0b8ef5a733bea59fc34f735ca29d203de1f47c94f1e3e554a67ee481e5f7034bc1ee2dadf6d37173ab3464ebaf0c8760a04bd83
SSDEEP

24576:oI54GH0HQyIjxbv5XAwADOMgoub8NKMQKtj:X4GUwZjxbLADOzoub8NKMht

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39e72dfd8e87b5004ff18d8e1f762f06_JaffaCakes118

Files

39e72dfd8e87b5004ff18d8e1f762f06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9b700a8c70389b74805974b2bd8ebf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Software\Need\Is\Need\Only.pdb

Imports

kernel32

GetFullPathNameW
QueryPerformanceCounter
GetCurrentThreadId
GetFileSize
GetModuleHandleW
WaitForSingleObject
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
LoadLibraryW
CreateDirectoryW
GetDiskFreeSpaceExW
CopyFileW
OpenProcess
ReadFile
GetSystemTimeAsFileTime
FreeLibrary
CloseHandle
GetFileType
LocalFree
WriteFile
WideCharToMultiByte
LocalAlloc
WriteConsoleW
GetStdHandle
GetFileAttributesW
GetLastError
CreateFileW
GetSystemDirectoryW
CompareStringW
MultiByteToWideChar
GetVersionExW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
Sleep
lstrcmpiA

user32

LoadStringW
CharNextW

advapi32

RegCreateKeyExW
EnumDependentServicesW
QueryServiceConfigW
QueryServiceStatusEx
ControlService
QueryServiceStatus
OpenSCManagerW
OpenServiceW
GetFileSecurityW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
AllocateAndInitializeSid
GetLengthSid
InitializeSecurityDescriptor
InitializeAcl
AddAccessAllowedAce
AddAce
SetSecurityDescriptorDacl
SetFileSecurityW
FreeSid
CloseServiceHandle
RegCloseKey
RegSaveKeyW
RegRestoreKeyW
StartServiceW

msvcrt

_chdir

setupapi

SetupDiGetDeviceInterfaceDetailW

Sections

.text
Size: 392KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 596KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9b700a8c70389b74805974b2bd8ebf3

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

msvcrt

setupapi

Sections

.text Size: 392KB - Virtual size: 389KB

.rdata Size: 120KB - Virtual size: 118KB

.data Size: 596KB - Virtual size: 1.9MB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 392KB - Virtual size: 389KB

.rdata
Size: 120KB - Virtual size: 118KB

.data
Size: 596KB - Virtual size: 1.9MB

.rsrc
Size: 36KB - Virtual size: 34KB