2a687529dddfa6f95caa945adec97882_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2a687529dddfa6f95caa945adec97882_JaffaCakes118
Size

64KB
MD5

2a687529dddfa6f95caa945adec97882
SHA1

e3e1a0aeb36c032cd0d3f3b7e73f0fc219dbf4e9
SHA256

97b22776deea8f6116e387dc6f6a1a637c73804dc67ed5c7d45ac5d9f4f31844
SHA512

55547706c138422bbcc554a86875ed814191faa7dcf6e495c359facfa4179f855f4ef2d8a1b0ae8045860e4469cc413a94e8a9fefda8b509d0757d4730a6a833
SSDEEP

1536:x8dcNRa9BXHUxJ7xLAk8YzK517yrOUsZkV8TG7kV0O8LEotoziN:x8qNMHXHClxMwQkfpO8Lezi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a687529dddfa6f95caa945adec97882_JaffaCakes118

Files

2a687529dddfa6f95caa945adec97882_JaffaCakes118
.exe windows:4 windows x86 arch:x86

adb09bccf972cd97bba3d7f5d54b66b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CreatePrivateObjectSecurity
RegRestoreKeyA
RegEnumKeyA
GetServiceDisplayNameW
SetEntriesInAccessListA
SetAclInformation
GetNamedSecurityInfoExA
SetEntriesInAclA
RegLoadKeyA
SetSecurityDescriptorDacl
GetSecurityDescriptorLength
MakeSelfRelativeSD
ObjectOpenAuditAlarmW
BuildTrusteeWithSidW
ObjectPrivilegeAuditAlarmW
GetSecurityInfoExA
TrusteeAccessToObjectW
CryptSignHashW
AreAllAccessesGranted
DeregisterEventSource
GetSecurityDescriptorDacl
SetSecurityDescriptorSacl
EqualPrefixSid
RegCreateKeyW
BuildImpersonateTrusteeA
GetUserNameA
ObjectDeleteAuditAlarmW
GetSidSubAuthorityCount
OpenServiceW
OpenEventLogA
CryptVerifySignatureW
GetAce
LookupAccountNameA
RegCloseKey
CryptSignHashA
RegReplaceKeyW
OpenThreadToken
OpenSCManagerA
BuildImpersonateTrusteeW
ConvertSecurityDescriptorToAccessA
GetSidLengthRequired
CryptGetKeyParam
InitializeAcl
LookupAccountNameW
ChangeServiceConfigA
QueryServiceConfigW
BuildTrusteeWithNameW

shlwapi

PathStripToRootA
PathRemoveFileSpecA
StrCmpNIW
PathFindNextComponentW
PathStripToRootW
SHRegOpenUSKeyW
PathIsUNCServerShareW
StrRChrIA
UrlHashW
SHStrDupA
StrSpnA
StrStrA
PathCanonicalizeA
SHSetValueA
SHRegGetBoolUSValueA
PathIsLFNFileSpecA
SHGetThreadRef
StrNCatA
PathGetCharTypeW
PathFindSuffixArrayW
StrCpyW
PathIsSystemFolderW
PathMakePrettyW
PathSearchAndQualifyW
PathUnquoteSpacesA
PathMatchSpecW
StrFormatByteSizeW
PathMakeSystemFolderA
SHRegQueryUSValueA
PathRemoveBackslashA
PathCompactPathA
SHRegDeleteUSValueA
PathIsDirectoryEmptyA
SHDeleteValueA
PathAddBackslashA
StrToIntW
PathIsRelativeA
ChrCmpIW
SHRegCloseUSKey
StrRStrIA
SHRegWriteUSValueW
PathCanonicalizeW

ole32

OleConvertOLESTREAMToIStorage
OleSetMenuDescriptor
CoUnloadingWOW
WriteStringStream
CoReleaseMarshalData
PropVariantClear
UpdateDCOMSettings
CreateFileMoniker
CoMarshalInterThreadInterfaceInStream
GetHGlobalFromStream
IsEqualGUID
OleCreateLinkEx
CoGetCallerTID
GetHGlobalFromILockBytes
CoFileTimeNow
CoRevokeClassObject
OleCreateFromDataEx
OleLoadFromStream
CoRegisterChannelHook
CoAddRefServerProcess
StgOpenStorageEx
OleGetClipboard
OleSetContainedObject
OleInitialize
StgIsStorageFile
CoGetInterfaceAndReleaseStream
OleCreate
OleCreateFromFileEx
MonikerCommonPrefixWith
OleRegEnumVerbs
CoLockObjectExternal
CoInitializeEx
OleLockRunning
OleIsRunning
UtGetDvtd32Info
CoRevertToSelf
OleBuildVersion
OleGetAutoConvert
CoGetPSClsid
OleSave
OleCreateLinkToFileEx
OleDuplicateData
CoUnmarshalHresult

kernel32

GetVolumeInformationA
EnumDateFormatsA
QueryPerformanceCounter
GetCalendarInfoA
DefineDosDeviceA
FreeLibraryAndExitThread
SleepEx
UnlockFileEx
GetPrivateProfileStructA
GetSystemTimeAdjustment
GetCommConfig
GetDriveTypeA
CreatePipe
GetTapePosition
PeekConsoleInputA
SetLastError
IsBadReadPtr
CreateSemaphoreA
FindResourceExW
OpenMutexA
WriteConsoleOutputA
GetWindowsDirectoryW
FindClose
WriteConsoleOutputW
WriteConsoleOutputAttribute
WaitForSingleObjectEx
WritePrivateProfileSectionW
AddAtomW
VirtualQuery
GetProfileStringA
WideCharToMultiByte
VirtualAlloc
VirtualProtect
CreateFileA

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

adb09bccf972cd97bba3d7f5d54b66b8

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shlwapi

ole32

kernel32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: - Virtual size: 16KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: - Virtual size: 16KB