09aef6c7823e535063fe6f497d9df4ec_JaffaCakes118

General

Target

09aef6c7823e535063fe6f497d9df4ec_JaffaCakes118
Size

412KB
MD5

09aef6c7823e535063fe6f497d9df4ec
SHA1

551b040033df33ebb18a83651dcaed469cb2a9b9
SHA256

7e03f38af6a4638f7ae756c20f93d2b17650305617b014ad9ce532d921f757ab
SHA512

051efcf48d6f8954d32b70ddd728c572d3a4ffeef4ab6cde5dce65f46d0667e6231e525eb8af5cbf0f2e7761eb7597a7602ba48af47412cd24f594bcec3853b6
SSDEEP

12288:iTuuHeyX1bUSwNsUblrXEJ2Pw1ixI9gweXoy:iSuH999Mr031Hg7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09aef6c7823e535063fe6f497d9df4ec_JaffaCakes118

Files

09aef6c7823e535063fe6f497d9df4ec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b425311cabf11351de006618434bbbec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegOpenKeyExA
FreeSid
RegEnumKeyW
EqualSid
RegLoadKeyW
RegUnLoadKeyW
GetTokenInformation
RegSetValueExW
LookupPrivilegeValueW
RegSetValueW
RegEnumValueW
RegCreateKeyExW
AdjustTokenPrivileges
RegDeleteValueW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegQueryValueExA
OpenProcessToken
RegFlushKey
RegOpenKeyExW
RegQueryInfoKeyW
RegSaveKeyW
AllocateAndInitializeSid

gdi32

GetDeviceCaps
GetObjectW
DeleteObject
CreateFontIndirectW
GetStockObject

ole32

OleInitialize
CoTaskMemFree
OleUninitialize

oleaut32

VariantClear

ntdll

RtlAdjustPrivilege
RtlAddAccessAllowedAceEx
NtAllocateVirtualMemory

rpcrt4

RpcStringFreeW

kernel32

GetACP
GetStartupInfoA

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 198KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b425311cabf11351de006618434bbbec

Headers

File Characteristics

Imports

advapi32

gdi32

ole32

oleaut32

ntdll

rpcrt4

kernel32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rsrc Size: 8KB - Virtual size: 8KB

.data Size: 198KB - Virtual size: 920KB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 182KB - Virtual size: 181KB

.text
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 8KB - Virtual size: 8KB

.data
Size: 198KB - Virtual size: 920KB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 182KB - Virtual size: 181KB