00dc59f710729bc55acd33b44e409096_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00dc59f710729bc55acd33b44e409096_JaffaCakes118
Size

864KB
MD5

00dc59f710729bc55acd33b44e409096
SHA1

7c398fef20f584fb2739729fed205ade2ee4c1a8
SHA256

a55ff841c64fd72d13e75c8ed069ad7ca030887cf7817a16bf08493e8912ea1a
SHA512

bbe94cdcc6321149f5b1c081f8236468cce053296a2eb8d3ce95e8b411b6c06bf029ce762824ff4fe172e9fb0bea208f0c50e99dd14c78c1d43a5d66db17475e
SSDEEP

24576:aX/61SaRLQRg/qiS0ZBk7Y6j+f+4oLLWcODB1zR9LzOCM:aP6XeuwCuXKf+fLqcAT1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00dc59f710729bc55acd33b44e409096_JaffaCakes118

Files

00dc59f710729bc55acd33b44e409096_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e42578640e5a353d38d8ca1120a07404

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
CryptHashSessionKey
SetEntriesInAuditListA
RegDeleteValueA
CryptDestroyHash
ObjectDeleteAuditAlarmA
GetSecurityDescriptorControl
CryptGetKeyParam
GetServiceDisplayNameA
FindFirstFreeAce
InitializeAcl
AddAce
CryptEncrypt
SetServiceStatus
GetSecurityDescriptorOwner
ChangeServiceConfigA
RegConnectRegistryA
CryptGenKey
RegUnLoadKeyA
ControlService
RegQueryValueA
OpenEventLogA
EnumDependentServicesA
RegOpenKeyA
GetAclInformation
BuildSecurityDescriptorA
GetMultipleTrusteeA
PrivilegeCheck
AllocateAndInitializeSid
CryptSignHashA
AccessCheck
BackupEventLogA
GetNumberOfEventLogRecords
DeregisterEventSource
CopySid
GetTrusteeTypeA
CryptSetKeyParam

user32

GetWindowWord
GetScrollBarInfo
GetShellWindow
SendMessageTimeoutA
SetCaretBlinkTime
IsCharLowerA
InsertMenuItemA
DestroyMenu
DispatchMessageA
CopyIcon
SetDoubleClickTime
DdeQueryStringA
CreateIconIndirect
DrawFrame
GetUserObjectSecurity
DefMDIChildProcA
PackDDElParam
GetClassInfoA
SetClipboardData
GetDoubleClickTime
GetAsyncKeyState
GetTopWindow
MapVirtualKeyExA
DrawTextExA
DestroyAcceleratorTable
ChangeMenuA
OemToCharA
GetMessagePos
CreateAcceleratorTableA
ShowWindowAsync
GetClipboardFormatNameA
GetNextDlgTabItem
ExcludeUpdateRgn
TranslateAccelerator
LoadMenuIndirectA
MsgWaitForMultipleObjects
InSendMessage
GetIconInfo
IMPGetIMEA
EnumPropsExA
EnumClipboardFormats
IsDialogMessage
UnpackDDElParam
UnhookWinEvent
CheckMenuItem
SetSysColors
WinHelpA
VkKeyScanA
DdeClientTransaction
SetKeyboardState
ArrangeIconicWindows
GetComboBoxInfo
PostQuitMessage

shlwapi

HashData

Sections

.debo
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsf
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inw
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.byl
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kpy
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zaxwj
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ubsvy
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rarsb
Size: 49KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ijgv
Size: 125KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e42578640e5a353d38d8ca1120a07404

Headers

File Characteristics

Imports

advapi32

user32

shlwapi

Sections

.debo Size: 638KB - Virtual size: 1.3MB

.lsf Size: 6KB - Virtual size: 8KB

.inw Size: 19KB - Virtual size: 27KB

.byl Size: 512B - Virtual size: 21KB

.kpy Size: 6KB - Virtual size: 15KB

.zaxwj Size: 512B - Virtual size: 56B

.ubsvy Size: 512B - Virtual size: 24B

.rarsb Size: 49KB - Virtual size: 77KB

.ijgv Size: 125KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.debo
Size: 638KB - Virtual size: 1.3MB

.lsf
Size: 6KB - Virtual size: 8KB

.inw
Size: 19KB - Virtual size: 27KB

.byl
Size: 512B - Virtual size: 21KB

.kpy
Size: 6KB - Virtual size: 15KB

.zaxwj
Size: 512B - Virtual size: 56B

.ubsvy
Size: 512B - Virtual size: 24B

.rarsb
Size: 49KB - Virtual size: 77KB

.ijgv
Size: 125KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB