9ecf7d85e800f22b22fe9d60d758f92f_JaffaCakes118

General

Target

9ecf7d85e800f22b22fe9d60d758f92f_JaffaCakes118
Size

278KB
MD5

9ecf7d85e800f22b22fe9d60d758f92f
SHA1

9b5cc0e30d74b1b592b95d1e9ea4521c4c189da2
SHA256

62bb658df1884fdb9d1505a9501cbc346a3544a60bfc994bca07001261fd1078
SHA512

d00c616a930fed6b082426b75da601e7f16a70c01e1864067e7d0ffa73632444f32369e96cc5c6f76453f12ca05a6a570a346d1754fa4c3190e0b3833c9ad0f5
SSDEEP

6144:4V3AZxwWypYC4dmignWt3ajrqg3rBqA5eQ0/WpXyP8Kp1Xr:pZaWypYCum3Wt3EKQOWpip17

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ecf7d85e800f22b22fe9d60d758f92f_JaffaCakes118

Files

9ecf7d85e800f22b22fe9d60d758f92f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6cfbd8c16c0af9b59d5c2b3630e4109

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

SHGetFolderPathW

gdi32

DeleteObject

advapi32

DeregisterEventSource
ReportEventW
DeleteService
RegisterEventSourceW
OpenProcessToken
ControlService
OpenServiceW
OpenThreadToken
SetServiceStatus
OpenSCManagerW
RegEnumKeyExW
CloseServiceHandle
CreateServiceW

kernel32

GetCommandLineW
FindAtomA
GetExitCodeThread
LeaveCriticalSection
ResumeThread
FindNextFileW
GetFileAttributesW
GetSystemTimeAsFileTime
OpenThread
DeleteFileW
GetTickCount
GetCurrentProcessId
FindClose
SetPriorityClass
EnumResourceLanguagesA
QueryPerformanceCounter
SetThreadPriority
EnterCriticalSection
LoadLibraryExW
CreateFileW
LoadModule
FindFirstFileW
CopyFileW
ExitProcess
GetProcAddress
GetStartupInfoW
ReleaseMutex
OutputDebugStringW
GetModuleHandleA
LoadResource
DeviceIoControl
CreateDirectoryW
GetDriveTypeW
FindResourceW

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 133KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6cfbd8c16c0af9b59d5c2b3630e4109

Headers

File Characteristics

Imports

shell32

gdi32

advapi32

kernel32

setupapi

Sections

.text Size: 133KB - Virtual size: 269KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 141KB - Virtual size: 141KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 133KB - Virtual size: 269KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 141KB - Virtual size: 141KB

.rsrc
Size: 512B - Virtual size: 4KB