Static task: static1
Behavioral task: behavioral1
Sample: 21edf50a5f6f596cfcc65441999d0851_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 21edf50a5f6f596cfcc65441999d0851_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 21edf50a5f6f596cfcc65441999d0851_JaffaCakes118
Size: 2.6MB
MD5: 21edf50a5f6f596cfcc65441999d0851
SHA1: 92252373311222381ac5d6b9094084df3ad7506e
SHA256: 128d2d807b95f20a2659212ce274abf69601ad191d5b4298378f0b3d8b0598b3
SHA512: dc16f31f99ea420991a178f5f6be4fb26043cb2a8898113769c839d366b9c2795ca43dcd7fa6675a760043c45920147e4dffbfbe807b8fc91589406ee6023950
SSDEEP: 49152:8YKuLKbcJTudCFFi4qJdPm5ZZeg5/bCSrlHqPz6wA7c/FiG:8YVKbndCFFi4qnm5p5WMlHqPuwtkG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 21edf50a5f6f596cfcc65441999d0851_JaffaCakes118
Files
21edf50a5f6f596cfcc65441999d0851_JaffaCakes118.exe windows:4 windows x86 arch:x86
ca09eeaf5a9745e61049ec830d6bec52
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
AdjustTokenPrivileges
ChangeServiceConfigA
CloseServiceHandle
EqualSid
InitializeSecurityDescriptor
LookupAccountSidA
LookupPrivilegeValueA
OpenServiceA
RegDeleteKeyA
UnlockServiceDatabase
kernel32
AddAtomA
CloseHandle
CompareStringA
CreateDirectoryA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateProcessA
DeleteCriticalSection
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindNextFileA
FindResourceA
FreeEnvironmentStringsA
FreeLibrary
GetCPInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetEnvironmentVariableA
GetFileTime
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionNamesA
GetPrivateProfileStructA
GetProcessHeap
GetStartupInfoA
GetStringTypeA
GetSystemInfo
GetThreadLocale
GetThreadTimes
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalReAlloc
HeapDestroy
InterlockedCompareExchange
InterlockedIncrement
IsBadReadPtr
IsDebuggerPresent
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadResource
MapViewOfFile
Module32First
MoveFileA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
RaiseException
RemoveDirectoryA
SearchPathA
SetEndOfFile
SetFileAttributesA
SetLastError
SetStdHandle
Sleep
TerminateProcess
UnmapViewOfFile
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteFile
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA
ole32
CoCreateFreeThreadedMarshaler
CoFreeUnusedLibraries
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoTaskMemFree
StringFromCLSID
user32
CallNextHookEx
CallWindowProcA
CharLowerA
CharNextA
CreateDialogParamA
DialogBoxParamA
EndDialog
EndPaint
EnumChildWindows
GetDlgCtrlID
GetDlgItemTextA
GetForegroundWindow
GetParent
GetSysColor
GetWindowRect
GetWindowTextLengthA
IntersectRect
InvalidateRect
IsChild
IsRectEmpty
IsWindowEnabled
MessageBoxA
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
PostMessageA
RegisterClassA
SendMessageA
SetMenu
SetWindowPos
SystemParametersInfoA
TrackPopupMenu
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: 35KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.6MB - Virtual size: 6.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ