3abe5fe273bdf3baaf57fbf9a5422a58_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3abe5fe273bdf3baaf57fbf9a5422a58_JaffaCakes118
Size

6KB
MD5

3abe5fe273bdf3baaf57fbf9a5422a58
SHA1

71f2b6388746e90ae543bae868a32e65545b8d9d
SHA256

b0bffb74f8c3fa6cff5bc28ff2ef6545be666587762fa4d0b4dc8effce14c5e1
SHA512

d79ac979b5ac842138ff5a86cb2b123d13f62953d4959a71195d0a1507c9089ed219b84027d747ba33d9ba56ce2a02211a2a77d724a08ed7a38bec71605f0be3
SSDEEP

192:vJm+W5l7j8+1GN5mva+7PiPzGxJB4bx6w:vJmhj51Gfmv2P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3abe5fe273bdf3baaf57fbf9a5422a58_JaffaCakes118

Files

3abe5fe273bdf3baaf57fbf9a5422a58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7e96dea54019d499b6149a1d92fa33a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

tapi32

lineInitializeExW
lineNegotiateAPIVersion
lineGetDevCapsW
lineClose
lineShutdown
lineGetID
lineOpen

ntdll

RtlLargeIntegerShiftRight
LdrGetDllHandle
NtAllocateVirtualMemory

advapi32

StartServiceA
CloseServiceHandle
QueryServiceStatus
RegOpenKeyW
RegQueryValueExW
RegEnumKeyA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
OpenServiceA
RegQueryValueExA
ChangeServiceConfigA
OpenSCManagerA
RegOpenKeyA

user32

wsprintfA

kernel32

VirtualFree
VirtualQuery
lstrlenW
WideCharToMultiByte
HeapAlloc
VirtualProtect
LCMapStringW
lstrcmpiA
lstrlenA
HeapReAlloc
GetProcessHeap
Sleep
lstrcmpiW
GetLastError
FormatMessageA
VirtualAlloc
LCMapStringA
GetLocaleInfoA
CreateFileA
LoadLibraryA
MultiByteToWideChar
GetCPInfo
GetSystemInfo
GetTempPathW
GetShortPathNameW
HeapFree
GetStringTypeA
GetVersionExA
CloseHandle
GlobalFree
GetStringTypeW
lstrcpyA
GetTempFileNameW
GlobalAlloc
DeleteFileW
LoadLibraryW
GetModuleHandleA
GetProcAddress
lstrcmpA
WriteFile
CreateDirectoryW
FreeLibrary

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

setupapi

SetupDiGetDeviceInstanceIdW
SetupDiGetClassDevsW
SetupDiSetClassInstallParamsA
SetupCloseInfFile
SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoList
SetupGetSourceFileLocationA
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupGetSourceInfoA
SetupOpenMasterInf
SetupPromptForDiskA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7e96dea54019d499b6149a1d92fa33a

Headers

File Characteristics

Imports

tapi32

ntdll

advapi32

user32

kernel32

ole32

setupapi

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 13KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 20B

.rdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 13KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 20B

.rdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 4KB