Static task
static1
Behavioral task
behavioral1
Sample
0d91ec77a63af78510fb0637e59b3806_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0d91ec77a63af78510fb0637e59b3806_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target: 0d91ec77a63af78510fb0637e59b3806_JaffaCakes118
Size: 89KB
MD5: 0d91ec77a63af78510fb0637e59b3806
SHA1: 6ba58c2f9cde68c937525b4949ad043a9a651992
SHA256: f1bf96738f3163cd6f89eb870fe5a90f41c31e948d06b1deed57cd9f9ff36d4f
SHA512: 84412595ecd48cddea02bfaebecccf6f34bfc1661d99422e49e838d285257ecbd6cffc5054ef759328ee4c308886afd5edd8ed2ae3382fa9ede5cceb64991784
SSDEEP: 1536:TDXe8cFTtMvJBGFt70SQiVUjoqBL3hm/vQM3t0KKGEFBsC5:TDXe8AhuJBGncqUjoIbhktKGEFBsK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0d91ec77a63af78510fb0637e59b3806_JaffaCakes118
Files
0d91ec77a63af78510fb0637e59b3806_JaffaCakes118.exe windows:5 windows x86 arch:x86
eb81d281e37d041fa8b65df01d2d7a00
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
user32
DialogBoxParamA
DialogBoxParamW
EnableWindow
EndDialog
GetActiveWindow
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetParent
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextW
IsDlgButtonChecked
IsWindow
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
LoadStringW
MessageBoxA
MessageBoxW
MoveWindow
OffsetRect
PostMessageA
CharUpperBuffW
CheckDlgButton
SendMessageA
SendMessageW
SetCursor
SetFocus
SetWindowLongA
SetWindowTextA
SetWindowTextW
ShowWindow
wsprintfA
gdi32
DeleteDC
DeleteMetaFile
CloseMetaFile
GetDeviceCaps
CreateDCA
LPtoDP
RestoreDC
SaveDC
SetMapMode
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
CreateMetaFileA
CreateRectRgnIndirect
advapi32
CreateServiceW
DeleteService
DeregisterEventSource
GetAce
GetFileSecurityW
GetPrivateObjectSecurity
GetSecurityDescriptorDacl
GetSecurityDescriptorLength
GetSidIdentifierAuthority
GetTokenInformation
GetUserNameW
InitializeSecurityDescriptor
IsValidSecurityDescriptor
MakeSelfRelativeSD
OpenProcessToken
OpenSCManagerW
OpenServiceW
OpenThreadToken
QueryServiceConfigW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
AccessCheck
RegSetValueExW
RegisterEventSourceW
RegisterServiceCtrlHandlerExW
ReportEventW
ChangeServiceConfigW
SetFileSecurityW
SetPrivateObjectSecurity
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetServiceStatus
CloseServiceHandle
WmiCloseBlock
WmiOpenBlock
WmiReceiveNotificationsW
Sections
.text Size: 4KB - Virtual size: 796B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 482B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ