JaffaCakes118_5ea5f4529955c637d17536e8760c3835

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_5ea5f4529955c637d17536e8760c3835
Size

46KB
MD5

5ea5f4529955c637d17536e8760c3835
SHA1

e35dfedf008cb143f3ebc6cbbee498edbd935177
SHA256

6932f5c845848c3b8d283d7cd805830eac4d1052fa39b95ef0691e957be2a417
SHA512

ffff3eb8d822e3fc237f8fc6be5cdefebed68ca82f45f2254250be80091d26684abb9477746a8d438c3e5167071cc1bff0d927b9438b21412e726beed197c58c
SSDEEP

768:oJOuKOVbv+18TV6VjnY5MTbmN5iRCaXC0FpL8fSlzXsJycERLj9loJ4UkQD/FdP:oJOuKOOkuY5WijiRnFpQ+sJbmlomJQDD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_5ea5f4529955c637d17536e8760c3835

Files

JaffaCakes118_5ea5f4529955c637d17536e8760c3835
.exe windows:4 windows x86 arch:x86

51cd8c4d404a3ac88e67d069bb6d3bbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

msvcrt

_initterm
free
_adjust_fdiv
malloc

cmdial32

AutoDialFunc

advapi32

OpenSCManagerW
RegCloseKey
RegEnumKeyExW
CloseServiceHandle
RegOpenKeyExW
RegQueryValueExW
QueryServiceStatus
RegSetValueExW
RegCreateKeyExW
OpenServiceW

shlwapi

StrCmpW
SHGetValueW
PathCombineW
PathFindFileNameW
StrCmpNIW
PathFindExtensionW
PathAppendW

ole32

CreateBindCtx
SetErrorInfo

user32

LoadStringW
SendDlgItemMessageW
GetDlgItemInt
DialogBoxParamW
SetDlgItemInt
EndDialog

kernel32

CloseHandle
SetUnhandledExceptionFilter
GetCurrentProcessId
LocalAlloc
FindClose
LocalFree
HeapFree
Sleep
SetFileAttributesW
VirtualAlloc
CreateProcessW
FindNextFileW
GetCurrentProcess
FindFirstFileW
lstrcmpW
InterlockedIncrement
GetSystemTimeAsFileTime
GetCompressedFileSizeW
GetVolumeInformationW
GetSystemTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
CompareFileTime
GetProcAddress
GetFileAttributesW
UnhandledExceptionFilter
lstrlenW
TerminateProcess
RemoveDirectoryW
InterlockedDecrement
LoadLibraryW
DeviceIoControl
DeleteFileW
HeapAlloc
SystemTimeToFileTime
GetProcessHeap
CreateFileW

Sections

.text
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51cd8c4d404a3ac88e67d069bb6d3bbe

Headers

File Characteristics

Imports

shell32

msvcrt

cmdial32

advapi32

shlwapi

ole32

user32

kernel32

Sections

.text Size: 512B - Virtual size: 416B

.rsrc Size: 29KB - Virtual size: 29KB

.idata Size: 3KB - Virtual size: 2KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 416B

.rsrc
Size: 29KB - Virtual size: 29KB

.idata
Size: 3KB - Virtual size: 2KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: - Virtual size: 1.3MB