06834a694e541347a6c8f09c5e1f858c_JaffaCakes118

General

Target

06834a694e541347a6c8f09c5e1f858c_JaffaCakes118
Size

27KB
MD5

06834a694e541347a6c8f09c5e1f858c
SHA1

c5e31092f3b8b5d5b5018474f79d9563d1aeac12
SHA256

b93596169d6361ade0e3cf74f1314f5bc0f206b762498b8afcdc561afc4faccd
SHA512

661b84e273806779e2d2421553364fea8acf1aaececcefa3a1c912fc11d62af3c53794303d540d5a0aa5b0522a39039fddb85fdfdc3fb01915cb4966cdb2867d
SSDEEP

768:wGoKNic1xaC2jvfnS1JCcfpyyWmmFUpRm8c3mFYjyUpGZm:wGz91xaCMX3qpzQUpYR3metpG0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06834a694e541347a6c8f09c5e1f858c_JaffaCakes118

Files

06834a694e541347a6c8f09c5e1f858c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26001804526b3f856aacf21649f5ea4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
LookupAccountNameA
GetSidSubAuthority
QueryServiceConfigA
AddAce
GetSidSubAuthorityCount
RegOpenKeyA
SetKernelObjectSecurity
RegDeleteKeyA
AdjustTokenPrivileges
InitializeAcl
GetTokenInformation
LookupAccountSidA
RegQueryValueExA
SetSecurityInfo
LookupPrivilegeValueW

ole32

OleRun
OleTranslateAccelerator
OleCreateStaticFromData
CoGetStdMarshalEx
CoGetCurrentProcess
OleQueryLinkFromData
CoUnmarshalInterface
OleGetAutoConvert
BindMoniker
CoRegisterMessageFilter
OleCreateLinkToFile
CoReleaseServerProcess
OleIsRunning
OleCreateDefaultHandler
CoGetObject
OleCreateLinkFromData

kernel32

InterlockedIncrement
GetEnvironmentStrings
GetProcessHeap
GetCommandLineA
GlobalUnlock
GlobalLock
CreateThread
CreateFileMappingA
InterlockedDecrement
DeleteCriticalSection
FlushFileBuffers
GlobalMemoryStatus
GetConsoleOutputCP
GetUserDefaultLCID
GetEnvironmentVariableA
lstrcmpA
SetConsoleCtrlHandler
CreateFileA
TlsAlloc
GetSystemTimeAsFileTime
LocalAlloc

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26001804526b3f856aacf21649f5ea4e

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 968B

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 968B