14b990ae9ec61e9563e2f4fbd5d5acfc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14b990ae9ec61e9563e2f4fbd5d5acfc_JaffaCakes118
Size

60KB
MD5

14b990ae9ec61e9563e2f4fbd5d5acfc
SHA1

89d0e4f056146bb82300f4f03ade0390d432144b
SHA256

9b7f129f97706e31253d0045d8922c2a0636dbe71d60225ab8f199a6f9adb345
SHA512

b116c45d9e597e4b509a430c83574d8679fafeabccbc1f1307bad1175173346244f0178055f7f1d5743823b27767df5d1d09a20d5a424cf8857ac2a925def243
SSDEEP

1536:ennxif+d9gyClOZX8w0+At4oFmXRm+ruZ1EFs9yDD:Tf+dKysq4+NPXgX1EFs9yDD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b990ae9ec61e9563e2f4fbd5d5acfc_JaffaCakes118

Files

14b990ae9ec61e9563e2f4fbd5d5acfc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa9e5616c4193b8db21b7be2c1577676

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

EnumDependentServicesA
ControlService
GetAclInformation
PrivilegeCheck
GetNumberOfEventLogRecords
CryptGenKey
RegFlushKey
RevertToSelf
CryptSetKeyParam
GetSecurityDescriptorOwner
AddAce
RegDeleteValueA
AccessCheck
ChangeServiceConfigA
CryptGetKeyParam
CryptEncrypt
GetSecurityDescriptorControl
GetServiceDisplayNameA
FindFirstFreeAce
CryptDestroyHash
RegConnectRegistryA
GetTrusteeTypeA
SetEntriesInAuditListA
CryptHashSessionKey
CryptSignHashA
GetSidSubAuthority
SetServiceStatus
ObjectDeleteAuditAlarmA
CryptContextAddRef
RegOpenKeyA
BuildSecurityDescriptorA
GetMultipleTrusteeA
InitializeAcl
BackupEventLogA
DeregisterEventSource

user32

CreateIconIndirect
SwitchToThisWindow
GetComboBoxInfo
AlignRects
DdeEnableCallback
FreeDDElParam
SetDoubleClickTime
RemovePropA
GetMenuState
MonitorFromPoint
ToUnicodeEx
BringWindowToTop
GetKeyboardLayoutList
SetMessageExtraInfo
CreateAcceleratorTableA
GetMenuItemCount
EnumDisplayMonitors
CheckMenuItem
SetKeyboardState
DispatchMessageA
DdeGetLastError
CascadeWindows
GetUserObjectSecurity
GetAsyncKeyState
DestroyMenu
CharNextExA
OpenDesktopA
GetIconInfo
UpdateWindow
TranslateAccelerator
SendIMEMessageExA
GetMenuCheckMarkDimensions
ChangeMenuA
DdeUnaccessData
SetDebugErrorLevel
TileWindows
IsWindowUnicode
VkKeyScanA
GetShellWindow
SetWindowRgn
InvalidateRgn
SetSysColors
SendMessageTimeoutA
SetClipboardData
MessageBoxA
IsMenu
GetKBCodePage
OemToCharA
GetWindowInfo
SetScrollInfo
UnhookWinEvent
wvsprintfA
EnumClipboardFormats
LoadIconA
PackDDElParam

shlwapi

SHDeleteValueA

Sections

.upav
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tgdkd
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wlqj
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfan
Size: 27KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa9e5616c4193b8db21b7be2c1577676

Headers

File Characteristics

Imports

advapi32

user32

shlwapi

Sections

.upav Size: 22KB - Virtual size: 45KB

.tgdkd Size: 5KB - Virtual size: 10KB

.wlqj Size: 1KB - Virtual size: 2KB

.gfan Size: 27KB - Virtual size: 140KB

.rsrc Size: 2KB - Virtual size: 4KB

.upav
Size: 22KB - Virtual size: 45KB

.tgdkd
Size: 5KB - Virtual size: 10KB

.wlqj
Size: 1KB - Virtual size: 2KB

.gfan
Size: 27KB - Virtual size: 140KB

.rsrc
Size: 2KB - Virtual size: 4KB