Static task: static1
Behavioral task: behavioral1
Sample: 34c9f867150cb397cab6135547b84422_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 34c9f867150cb397cab6135547b84422_JaffaCakes118
Size: 176KB
MD5: 34c9f867150cb397cab6135547b84422
SHA1: 91c699052c2875a0a311c39fdfeeb85a4fd6f316
SHA256: 149579124203441eb8e964bac86720510e963b3265afbf38be9d23f4b3df7b52
SHA512: 9687c6488c04afcf8b4f58bef7fa9cac8265b1ad7b911877e966ef2ba665ca29491b3efc75170cb3116aa66f7e64e84e69f7c5854d7fe76c341c5022b944eefb
SSDEEP: 3072:pnlzI9IYri2ZKQrUSB6ER5RSaishziP55agPm9VPwZyAwpBo8j:p9I9IY+2Z4SBiaiskaBbwMF48
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34c9f867150cb397cab6135547b84422_JaffaCakes118
Files
34c9f867150cb397cab6135547b84422_JaffaCakes118.exe windows:4 windows x86 arch:x86
8e0ff3e6aaf52f0d3f2878060ff6f702
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
GetOEMCP
CompareStringA
SetEndOfFile
LCMapStringW
GetStringTypeW
GetCurrentProcessId
GetTimeFormatA
VirtualAlloc
EnterCriticalSection
SetStdHandle
GetSystemTimeAsFileTime
IsValidCodePage
SetUnhandledExceptionFilter
HeapCreate
GetConsoleOutputCP
QueryPerformanceCounter
ReadFile
LCMapStringA
InitializeCriticalSection
TerminateProcess
WriteFile
GetCurrentProcess
MultiByteToWideChar
GetTimeZoneInformation
WriteConsoleA
GetCPInfo
GetDateFormatA
EnumResourceTypesA
CompareStringW
UnhandledExceptionFilter
GetLocaleInfoA
GetTickCount
IsDebuggerPresent
HeapReAlloc
FreeLibrary
CreateMailslotW
SetEnvironmentVariableA
HeapDestroy
HeapSize
LeaveCriticalSection
GetACP
RtlUnwind
SetFilePointer
VirtualFree
RaiseException
LoadLibraryA
GetStringTypeA
advapi32
SetEntriesInAclW
OpenSCManagerW
LookupPrivilegeDisplayNameA
GetInheritanceSourceW
GetAclInformation
RegCloseKey
GetNamedSecurityInfoW
LookupAccountSidW
SetSecurityInfo
QueryServiceLockStatusW
RegSetValueExW
AdjustTokenPrivileges
LookupPrivilegeValueA
GetSecurityDescriptorControl
EnumDependentServicesW
GetTokenInformation
RegDeleteValueW
QueryServiceConfigW
ChangeServiceConfigW
SetEntriesInAclA
SetNamedSecurityInfoW
GetAce
CloseServiceHandle
AddAce
RegCreateKeyExW
FreeInheritedFromArray
IsValidSecurityDescriptor
AllocateAndInitializeSid
RegRestoreKeyW
RegSaveKeyW
RegOpenKeyExW
StartServiceA
DeleteService
RegQueryValueExW
ControlService
QueryServiceStatus
GetSecurityInfo
UnlockServiceDatabase
RegEnumKeyExW
EqualSid
OpenProcessToken
InitializeSecurityDescriptor
InitializeAcl
SetSecurityDescriptorDacl
OpenServiceW
RegDeleteKeyW
CreateServiceW
LockServiceDatabase
IsValidAcl
ChangeServiceConfig2W
FreeSid
RegGetKeySecurity
LookupPrivilegeNameA
RegEnumValueW
oleacc
LresultFromObject
AccessibleObjectFromPoint
Sections
.text Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 129KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ