300dc777175408a8685d2cbed73e5dfd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

300dc777175408a8685d2cbed73e5dfd_JaffaCakes118
Size

59KB
MD5

300dc777175408a8685d2cbed73e5dfd
SHA1

53726d37c6888894373ff3c20a3177afc8390020
SHA256

c2f7a7d6a965b2b36a829fd9d026811839b07fb587f86af780d177c7705718e9
SHA512

2f9f5eab8f3696d998ea5d60ac368cf76c50422c05d14a2c3065a2f04aaf117da4af09a0fb28645b0f3244f9e26528060a68b659c09ea51e5b2d5f8cb5ee88c0
SSDEEP

1536:uh1uRrCOupNQ6h8G6mYK13sXCK0u11a4QDp:81uRjupNt8GrYM3sXRl1A4QDp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
300dc777175408a8685d2cbed73e5dfd_JaffaCakes118

Files

300dc777175408a8685d2cbed73e5dfd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f914004b7921aa62f0202acc56a7845

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlIsOpaqueA

kernel32

SetNamedPipeHandleState

advapi32

ChangeServiceConfigA
RegConnectRegistryA
CopySid
RegFlushKey
CryptHashSessionKey
AllocateAndInitializeSid
RegSaveKeyA
PrivilegeCheck
QueryServiceObjectSecurity
SetEntriesInAuditListA
GetSecurityDescriptorControl
RevertToSelf
GetSidSubAuthority
GetTrusteeTypeA
FindFirstFreeAce
BackupEventLogA
RegUnLoadKeyA
IsTextUnicode
ObjectDeleteAuditAlarmA
CryptSignHashA
DeregisterEventSource
GetExplicitEntriesFromAclA
RegDeleteValueA
GetSecurityDescriptorOwner
EnumDependentServicesA
SetServiceStatus
AccessCheck
InitializeAcl
RegQueryValueA
ControlService
GetAclInformation
OpenEventLogA
CryptSetKeyParam
CryptContextAddRef

user32

ScrollDC
InSendMessage
EnableScrollBar
UpdateWindow
GetMenuState
UnhookWinEvent
DestroyAcceleratorTable
LookupIconIdFromDirectory
CloseDesktop
SendIMEMessageExA
InsertMenuItemA
ShowCursor
LoadAcceleratorsA
DlgDirSelectExA
DdeNameService
EndMenu
FindWindowExA
CharToOemBuffA
SetKeyboardState
EnumClipboardFormats
TileWindows
GetClassInfoA
ShowWindowAsync
IsDialogMessage
DrawCaption
PostQuitMessage
DrawMenuBar
SetWindowContextHelpId
RegisterWindowMessageA
IsWindowUnicode
GetScrollBarInfo
GetWindowInfo
GetWindowRect
GetClassWord
SwitchToThisWindow
GetIconInfo
DestroyMenu
MessageBoxA
ExcludeUpdateRgn
CreateWindowExA
GetTopWindow
VkKeyScanA
MonitorFromPoint
GetUserObjectSecurity
EnumDisplayMonitors
CreateAcceleratorTableA
WinHelpA
SendMessageTimeoutA
MsgWaitForMultipleObjects
GetMenuCheckMarkDimensions
DrawFrame
DispatchMessageA
SetDebugErrorLevel
LoadMenuIndirectA

Sections

.nctq
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ilu
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fch
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sda
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f914004b7921aa62f0202acc56a7845

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

user32

Sections

.nctq Size: 22KB - Virtual size: 45KB

.ilu Size: 5KB - Virtual size: 10KB

.fch Size: 1024B - Virtual size: 1KB

.sda Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.nctq
Size: 22KB - Virtual size: 45KB

.ilu
Size: 5KB - Virtual size: 10KB

.fch
Size: 1024B - Virtual size: 1KB

.sda
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB