05066952c0f5446e6b987b4b306de4c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05066952c0f5446e6b987b4b306de4c6_JaffaCakes118
Size

50KB
MD5

05066952c0f5446e6b987b4b306de4c6
SHA1

e628e402b6937729cbdbdfa20ff1b15e767a7a55
SHA256

c51db239e5c616240824096a7729d209c901d257905dbbc98c31bc3a289ec3a3
SHA512

16007157af86a270765ef1300445e3dc97ecc15efdc6cc39eb5f358decd6745249b897473269da9c359a09f733bf4f9eedc42296d40cfc5bb50eea845e798017
SSDEEP

768:+JeNETHkHBJ3jazKFjm3z3uNJlBYnoXu1WYObeOZX9l2gT2s4:IWUHkBJhukAo71eyNl2gT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05066952c0f5446e6b987b4b306de4c6_JaffaCakes118

Files

05066952c0f5446e6b987b4b306de4c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

372673256446f4c9fcc2a738069a5637

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AccessCheckByType
AccessCheckByTypeResultListAndAuditAlarmA
AddAce
AllocateAndInitializeSid
AreAllAccessesGranted
BuildExplicitAccessWithNameW
BuildSecurityDescriptorW
ConvertSecurityDescriptorToAccessA
ConvertSecurityDescriptorToAccessNamedW
CryptEnumProviderTypesA
CryptEnumProviderTypesW
CryptEnumProvidersA
CryptGetKeyParam
CryptGetProvParam
CryptHashData
ElfOpenEventLogA
ElfRegisterEventSourceW
EqualPrefixSid
GetAccessPermissionsForObjectW
GetCurrentHwProfileW
GetExplicitEntriesFromAclW
GetMultipleTrusteeOperationW
GetOldestEventLogRecord
GetServiceKeyNameW
ImpersonateNamedPipeClient
InitializeSid
InitiateSystemShutdownW
LogonUserA
LookupPrivilegeDisplayNameA
LookupPrivilegeValueW
LsaEnumerateAccountsWithUserRight
LsaGetUserName
LsaLookupPrivilegeName
LsaLookupSids
LsaOpenAccount
LsaOpenTrustedDomain
LsaSetDomainInformationPolicy
LsaSetQuotasForAccount
MakeSelfRelativeSD
MapGenericMask
NotifyBootConfigStatus
ObjectCloseAuditAlarmA
PrivilegedServiceAuditAlarmA
QueryServiceConfig2A
QueryServiceConfig2W
QueryServiceConfigA
ReportEventW
RevertToSelf
SetEntriesInAuditListW
SetNamedSecurityInfoExW

kernel32

AddAtomA
AddConsoleAliasW
CallNamedPipeW
CloseHandle
ContinueDebugEvent
ConvertDefaultLocale
ConvertThreadToFiber
CreateFileMappingA
CreatePipe
DuplicateHandle
EnumCalendarInfoA
EnumTimeFormatsA
EnumTimeFormatsW
EraseTape
ExitProcess
ExpandEnvironmentStringsW
FillConsoleOutputCharacterW
FindResourceExW
FlushInstructionCache
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineW
GetConsoleAliasesLengthW
GetCurrencyFormatW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDevicePowerState
GetDiskFreeSpaceW
GetFileAttributesA
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleHandleW
GetPrivateProfileIntW
GetProcessPriorityBoost
GetProfileSectionW
GetStartupInfoW
GetStringTypeExA
GetSystemDefaultLangID
GetSystemTime
GetSystemTimeAsFileTime
GetTapeStatus
GetThreadLocale
GetTimeZoneInformation
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalFlags
Heap32ListFirst
IsBadCodePtr
IsBadStringPtrW
LeaveCriticalSection
LocalUnlock
MoveFileA
Process32First
ReadConsoleInputA
SetConsoleCursorInfo
SetConsoleTextAttribute
SetConsoleWindowInfo
SetCurrentDirectoryA
SetErrorMode
SetHandleCount
SetLastError
SetThreadAffinityMask
SetVDMCurrentDirectories
SignalObjectAndWait
SystemTimeToFileTime
UpdateResourceW
VerLanguageNameA
VirtualProtect
WaitNamedPipeW
WritePrivateProfileStringA
WriteProfileStringA
_hread
lstrcatA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
lstrlenW

user32

CallMsgFilterA
CharPrevW
CharToOemBuffW
CharUpperA
CharUpperW
CheckDlgButton
ChildWindowFromPoint
CreateAcceleratorTableW
CreateDialogParamA
CreateIcon
DdeCmpStringHandles
DdeQueryNextServer
DefDlgProcA
DeferWindowPos
DeleteMenu
DestroyMenu
DialogBoxIndirectParamW
DrawFocusRect
DrawStateW
EnumDisplaySettingsExW
EnumWindows
FindWindowExA
GetAltTabInfoW
GetAncestor
GetClassNameA
GetClipCursor
GetComboBoxInfo
GetCursor
GetCursorInfo
GetDialogBaseUnits
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuDefaultItem
GetMessageExtraInfo
GetMessageTime
GetMonitorInfoA
GetParent
GetPriorityClipboardFormat
GetQueueStatus
GetSubMenu
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowDC
GetWindowInfo
GetWindowTextW
GetWindowWord
HiliteMenuItem
InSendMessage
InSendMessageEx
InflateRect
InsertMenuW
IsCharUpperA
IsChild
LoadBitmapA
LoadIconW
LoadMenuA
ModifyMenuW
PeekMessageW
PostQuitMessage
RealGetWindowClassA
RegisterClipboardFormatW
RemoveMenu
ScrollWindow
SendIMEMessageExA
SendNotifyMessageW
SetClassWord
SetDebugErrorLevel
SetMessageExtraInfo
SetParent
SetPropW
SetRect
SetScrollInfo
SetUserObjectInformationW
SetWindowContextHelpId
ShowCursor
ShowScrollBar
SwitchDesktop
TabbedTextOutW
ToAscii
ToAsciiEx
UnhookWindowsHookEx
UnloadKeyboardLayout
ValidateRect
WINNLSEnableIME
WINNLSGetIMEHotkey

gdi32

AbortPath
CreateCompatibleBitmap
CreateDiscardableBitmap
CreateFontW
CreatePenIndirect
CreateSolidBrush
DPtoLP
DrawEscape
Ellipse
EndPath
EnumFontFamiliesA
ExtCreateRegion
ExtSelectClipRgn
ExtTextOutA
FloodFill
GdiComment
GdiGetBatchLimit
GetAspectRatioFilterEx
GetBkColor
GetBkMode
GetBoundsRect
GetBrushOrgEx
GetClipBox
GetClipRgn
GetColorSpace
GetCurrentObject
GetDeviceGammaRamp
GetObjectW
GetPath
GetPixel
GetRelAbs
GetStretchBltMode
GetWorldTransform
MoveToEx
PlgBlt
PolyTextOutW
PtInRegion
RealizePalette
RectVisible
RemoveFontResourceA
SelectBrushLocal
SelectFontLocal
SelectObject
SetFontEnumeration
SetMagicColors
SetPixelFormat
SetSystemPaletteUse
SetWindowExtEx
StartPage
StretchDIBits
SwapBuffers

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sqfg
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.phxt
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

372673256446f4c9fcc2a738069a5637

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 35KB - Virtual size: 39KB

.sqfg Size: 4KB - Virtual size: 11KB

.phxt Size: 4KB - Virtual size: 12KB

.reloc Size: 1024B - Virtual size: 3KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 35KB - Virtual size: 39KB

.sqfg
Size: 4KB - Virtual size: 11KB

.phxt
Size: 4KB - Virtual size: 12KB

.reloc
Size: 1024B - Virtual size: 3KB