41f79279de627ee89c6182f9808cd6a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41f79279de627ee89c6182f9808cd6a8_JaffaCakes118
Size

73KB
MD5

41f79279de627ee89c6182f9808cd6a8
SHA1

c3332c545f5f32482bd8c5a2706473df513a2283
SHA256

bbf1ee78480ffff931c0746e643326e2d2ca852211d24947046d532999cfb22f
SHA512

6caacce2b6cc3ed88976a011b3bf93daf056d9c92a1515cf76546cf53d602de2aaec4e5841c6f057b669b6cd935f13c62be0b8543285e02fb3f652615ea1b617
SSDEEP

1536:YgPVqEW7s2D6Yf3lKcAF13Ik4wS+U9MX82R0hHDbInUZcOOyX9rkQ:Yg7k6YfVi1Ze+JMvHDAF6rkQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41f79279de627ee89c6182f9808cd6a8_JaffaCakes118

Files

41f79279de627ee89c6182f9808cd6a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

534b372f9024392a6eb6830cdc5ba6f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
LookupPrivilegeValueA
OpenServiceA
QueryServiceConfig2A
RegCloseKey
RegDeleteKeyA
SetSecurityDescriptorDacl
SetServiceStatus
UnlockServiceDatabase

kernel32

ContinueDebugEvent
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
EnumSystemLocalesA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFileSize
GetFileTime
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalLock
GlobalReAlloc
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsDebuggerPresent
LCMapStringA
LoadLibraryA
LoadLibraryExA
LockResource
MoveFileA
OpenEventA
QueryPerformanceCounter
ResumeThread
SetEnvironmentVariableA
SetFileAttributesA
SetFileTime
SetPriorityClass
SetStdHandle
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WriteFile
lstrcmpA
lstrcmpiA
lstrcpyA

user32

BeginPaint
CallNextHookEx
CharUpperA
CreateWindowExA
DispatchMessageA
DrawTextA
GetCursorPos
GetDC
GetDlgItemTextA
GetForegroundWindow
GetMessageA
GetWindow
GetWindowLongA
GetWindowTextA
IsChild
IsRectEmpty
LoadCursorA
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
PostMessageA
SetCursor
SetDlgItemTextA
SetRect
SetWindowRgn
SystemParametersInfoA
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WinHelpA
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tjfpi
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

fuutp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

534b372f9024392a6eb6830cdc5ba6f8

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 32KB - Virtual size: 36KB

.bss Size: 16KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

tjfpi Size: 1KB - Virtual size: 4KB

fuutp Size: 1KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 36KB

.bss
Size: 16KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

tjfpi
Size: 1KB - Virtual size: 4KB

fuutp
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB