33e1b82b41fd367f2b6c27a50e08a49c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33e1b82b41fd367f2b6c27a50e08a49c_JaffaCakes118
Size

177KB
MD5

33e1b82b41fd367f2b6c27a50e08a49c
SHA1

8ec3867d5fd9d21a7a8d0719649559a99c360b20
SHA256

c5e7d10d33d88687361d0d4e8b26d93f3dcc82c403fa5cc573ec6806e54b0003
SHA512

451ff7b9e73c20e0b46d77f2d81b6df39f27afe3d9abedb42f6ffd00bc30f1fdd58bd7be89c8f1c1e1317237d0a1ca21e5c8c6149ba101dc820aa28147ebf1c9
SSDEEP

3072:OllIgRN8BY+sl2biz5mgL8oXgDmYpdSy0:+Nd+85mgL8oXgDmYpdSy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33e1b82b41fd367f2b6c27a50e08a49c_JaffaCakes118

Files

33e1b82b41fd367f2b6c27a50e08a49c_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e0f088e282177dccf8c54eb8f179c6f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
FreeSid
GetLengthSid
RegEnumValueW
RegCreateKeyExA
InitializeSecurityDescriptor
RegCreateKeyExW
RegQueryValueExA
InitializeSecurityDescriptor
GetLengthSid
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
InitializeAcl
RegDeleteKeyW
InitializeAcl
RegOpenKeyExW
AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyW
RegQueryInfoKeyW
OpenThreadToken
CloseServiceHandle
InitializeSecurityDescriptor
RegDeleteKeyW
RegEnumKeyExW
CloseServiceHandle
RegOpenKeyExW
RegCloseKey
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExW
RegCreateKeyExA
GetLengthSid
RegSetValueExW
AllocateAndInitializeSid
CloseServiceHandle
CloseServiceHandle
RegQueryInfoKeyW
AdjustTokenPrivileges
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteKeyW
RegOpenKeyW
SetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExA
RegQueryValueExA
RegQueryInfoKeyW
InitializeSecurityDescriptor
RegQueryInfoKeyW
SetSecurityDescriptorDacl
FreeSid
RegQueryValueExA
RegEnumValueW
AddAccessAllowedAce
RegQueryValueExA
GetTokenInformation
RegDeleteKeyW
SetSecurityDescriptorDacl
RegSetValueExA
RegOpenKeyW
InitializeAcl
RegQueryValueExA
RegSetValueExW
RegSetValueExA
RegQueryInfoKeyW
SetSecurityDescriptorDacl
GetTokenInformation
RegSetValueExA
RegCloseKey
RegOpenKeyExW
CloseServiceHandle
RegSetValueExW
OpenProcessToken
RegQueryInfoKeyW
RegSetValueExA
SetSecurityDescriptorDacl

kernel32

CreateFileW
EnterCriticalSection
GetModuleFileNameA
LocalAlloc
UnhandledExceptionFilter
GetVersionExA
HeapFree
CreateFileW
ReadFile
GetModuleHandleW
GetCurrentProcess
InterlockedDecrement
HeapReAlloc
GetCurrentProcessId
HeapReAlloc
Sleep
SetLastError

Sections

Size: 143KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 512B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e0f088e282177dccf8c54eb8f179c6f0

Headers

File Characteristics

Imports

advapi32

kernel32

Sections

Size: 143KB - Virtual size: 156KB

Size: 3KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

�vmp0 Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 4KB

�reloc Size: 4KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

Size: 512B - Virtual size: 512B

�vmp0
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 4KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB