193d2ddd308fa0a565ff2652ae9ffdb1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

193d2ddd308fa0a565ff2652ae9ffdb1_JaffaCakes118
Size

59KB
MD5

193d2ddd308fa0a565ff2652ae9ffdb1
SHA1

7b7700e40dab99abf5f36c2489bd4a8c3472af79
SHA256

135f62c94b4161f3cc6ad37127bac99f450da84de32331ac589e31c4266489c5
SHA512

65f7ef261ddab04a7c91f9e67ca513972e6b36090c318f9fb063ff4c70ccbbc286c4be71a304d4adfc45040df4ee944d60a1398d2cb2674d5828c715dc673dfd
SSDEEP

1536:cKWPujLaPBYZ3k6P8IiF3/gxYiuQL8DG:cKW5QU6KGGQL8DG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
193d2ddd308fa0a565ff2652ae9ffdb1_JaffaCakes118

Files

193d2ddd308fa0a565ff2652ae9ffdb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

874fa8643a456167ce96c374d0524748

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetAclInformation
CryptGetKeyParam
QueryServiceObjectSecurity
CryptSetKeyParam
GetSecurityDescriptorControl
GetExplicitEntriesFromAclA
EnumDependentServicesA
RegQueryValueA
OpenEventLogA
BuildSecurityDescriptorA
GetMultipleTrusteeA
SetEntriesInAuditListA
PrivilegeCheck
AllocateAndInitializeSid
CopySid
RegUnLoadKeyA
AddAce
RegSaveKeyA
AccessCheck
GetSecurityDescriptorOwner
RegDeleteValueA
CryptContextAddRef
IsTextUnicode
CryptGenKey
DeregisterEventSource
ChangeServiceConfigA
GetNumberOfEventLogRecords
BackupEventLogA
ObjectDeleteAuditAlarmA
SetServiceStatus
RegOpenKeyA
GetSidSubAuthority
CryptEncrypt
RegFlushKey
CryptHashSessionKey

user32

EnumPropsExA
InvalidateRgn
MapVirtualKeyExA
DefMDIChildProcA
GetAsyncKeyState
GetDC
GetMenuState
DdeGetLastError
SetProcessWindowStation
GetKBCodePage
EnumClipboardFormats
InSendMessage
LoadMenuIndirectA
MsgWaitForMultipleObjects
IsCharLowerA
EnumDisplayMonitors
DdeClientTransaction
SetKeyboardState
LoadAcceleratorsA
CreateWindowExA
SendMessageTimeoutA
CreateDialogParamA
ArrangeIconicWindows
GetWindowInfo
DdeQueryStringA
SwitchToThisWindow
RegisterWindowMessageA
ExcludeUpdateRgn
DispatchMessageA
CopyIcon
GetNextDlgTabItem
ChangeMenuA
SetClipboardData
SetDebugErrorLevel
GetClassInfoA
VkKeyScanA
BringWindowToTop
DestroyAcceleratorTable
GetKeyboardLayoutList
GetMessagePos
CascadeWindows
GetMenuItemCount
SetSysColors
CharToOemBuffA
UnpackDDElParam
DestroyMenu
GetClassWord
FreeDDElParam
CreateAcceleratorTableA
EndMenu
RedrawWindow
SetWindowContextHelpId
CreateIconIndirect
OpenDesktopA
IsMenu

Sections

.wzyp
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ngts
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hgfy
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.chof
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

874fa8643a456167ce96c374d0524748

Headers

File Characteristics

Imports

advapi32

user32

Sections

.wzyp Size: 22KB - Virtual size: 45KB

.ngts Size: 5KB - Virtual size: 10KB

.hgfy Size: 1024B - Virtual size: 1KB

.chof Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.wzyp
Size: 22KB - Virtual size: 45KB

.ngts
Size: 5KB - Virtual size: 10KB

.hgfy
Size: 1024B - Virtual size: 1KB

.chof
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB