ac38bacc61efe264decc42d65542c5ee_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ac38bacc61efe264decc42d65542c5ee_JaffaCakes118
Size

53KB
MD5

ac38bacc61efe264decc42d65542c5ee
SHA1

dbb82a0eba7c8462f589b7ecf0d05453750cbb34
SHA256

7467b440647ba267e1dc0bff58cd208511009a370fb7fdd09ecb2ae36e8fccc9
SHA512

0f35078b4ec7a831bf5ef817da157e14b2544582343228dab0bfa99dae7ae997f2150baed4d1d13f1177049cd3530dd0bc31be778ff3a8fff7020349de02cd49
SSDEEP

1536:cNEmcs9M1wKX9AFLZaUJq2ixpZnpA+Ijf:yEmr9I59AVZapsD

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ELEVAT64.EXE
unpack001/ELEVATE.EXE

Files

ac38bacc61efe264decc42d65542c5ee_JaffaCakes118
.zip
10_BLOCK.CMD
10_BLOCK.HTM
.html
10_BLOCK.TXT
10_OBSOL.TXT
.vbs
E10BLOK.CMD
ELEVAT64.EXE
.exe windows:6 windows x64 arch:x64

4aa28b29f47f3693c0aa9202b02c12c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ExitProcess
LocalFree
FormatMessageW
GetLastError
GetEnvironmentVariableW
CloseHandle
WaitForSingleObject
LocalAlloc
GetCurrentDirectoryW
GetCommandLineW

shell32

ShellExecuteExW

msvcrt

_iob
wprintf
fwprintf

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ELEVATE.EXE
.exe windows:6 windows x86 arch:x86

4aa28b29f47f3693c0aa9202b02c12c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
LocalFree
FormatMessageW
GetLastError
GetEnvironmentVariableW
CloseHandle
WaitForSingleObject
LocalAlloc
GetCurrentDirectoryW
GetCommandLineW

shell32

ShellExecuteExW

msvcrt

_iob
wprintf
fwprintf

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ELEVATE.TXT
STARTDNS.CMD
STOP!DNS.CMD

Sharing

General

Malware Config

Signatures

Files

4aa28b29f47f3693c0aa9202b02c12c5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

msvcrt

Sections

.text Size: 3KB - Virtual size: 2KB

.pdata Size: 512B - Virtual size: 24B

.rsrc Size: 1KB - Virtual size: 1KB

4aa28b29f47f3693c0aa9202b02c12c5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

msvcrt

Sections

.text Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 2KB

.pdata
Size: 512B - Virtual size: 24B

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB