44b55666c85afb54159cd45f7f487857_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44b55666c85afb54159cd45f7f487857_JaffaCakes118
Size

88KB
MD5

44b55666c85afb54159cd45f7f487857
SHA1

703cdb2bb0d6893019f9ff8f16e2e33352afdd54
SHA256

6775d8c955369270ce1929923c89895c5093971c316eddc5f2c5960fc347dd76
SHA512

35187f38f74be9590d033c899d4e359109a383ed5ffb331d28bfa8e7c850edd71a44c7963cdbd66c9537c3588dca0324ab11ca2de9529c713f2fd0f4cdeb8a29
SSDEEP

768:hWS/e4gJKnBfDAO/jkeobEsd/GCGZpnspUTQQovd7QnkSCKw4FdcQf0Qtuya:1BTBTQb1/G104QQovZQk+ZASruH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44b55666c85afb54159cd45f7f487857_JaffaCakes118

Files

44b55666c85afb54159cd45f7f487857_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c70ad9b1e965493c1eae59dc59a634d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
CloseServiceHandle
CreateServiceA
DeleteService
GetSecurityDescriptorControl
GetTokenInformation
LookupAccountSidA
LookupPrivilegeValueA
OpenServiceA
RegEnumKeyExA
RegFlushKey
SetSecurityDescriptorDacl

kernel32

CompareStringA
CreateDirectoryA
CreateEventA
CreateMutexA
DeleteAtom
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FreeEnvironmentStringsA
FreeLibrary
GetConsoleCP
GetCurrentProcess
GetEnvironmentStringsA
GetFileSize
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetProcAddress
GetProcessHeap
GetStdHandle
GetStringTypeA
GetSystemInfo
GetSystemTime
GetTimeFormatA
GetTimeZoneInformation
GetVersionExA
GlobalAlloc
GlobalHandle
GlobalReAlloc
HeapAlloc
HeapCreate
HeapFree
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LocalFree
LockResource
MapViewOfFile
MoveFileExA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ReadFile
RemoveDirectoryA
ResetEvent
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetPriorityClass
SetStdHandle
SetThreadPriority
SuspendThread
TerminateProcess
TlsFree
TlsSetValue
UnmapViewOfFile
VirtualFree
VirtualQuery
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcpynA
lstrlenA

user32

CharNextA
CheckDlgButton
DestroyIcon
DialogBoxParamA
EndDialog
EnumChildWindows
EqualRect
FillRect
GetDlgItem
GetKeyState
GetParent
GetSystemMenu
GetWindowRect
IntersectRect
InvalidateRect
IsChild
IsRectEmpty
IsWindowVisible
LoadStringA
MessageBeep
MessageBoxA
PeekMessageA
PostMessageA
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SetDlgItemInt
TranslateMessage

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c70ad9b1e965493c1eae59dc59a634d

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 28KB - Virtual size: 28KB

.CRT Size: 24KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 4KB

.edata Size: 16KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 28KB

.CRT
Size: 24KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 4KB

.edata
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 4KB