Static task: static1
Behavioral task: behavioral1
Sample: 3ce72ff27abdfb11d918ef130f1fe7fb_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3ce72ff27abdfb11d918ef130f1fe7fb_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3ce72ff27abdfb11d918ef130f1fe7fb_JaffaCakes118
Size: 175KB
MD5: 3ce72ff27abdfb11d918ef130f1fe7fb
SHA1: f46ef60d8839cb6e1b7105a48b5d0a0a40c2d0dd
SHA256: 8cecd2c0aaf83d9980efa10b7da0274bc173949b7899de34c0f9827d13309528
SHA512: db9b3b063ae2c574096dfd8fe6e51493357919effea800a188c4061ffc71f7a514016764f9163673fd97a7ebda612c0f15d8e77222f055173d04370ac10a9661
SSDEEP: 3072:lEN66ued2bGAPpsvQlLMoN20CuNknnEDFLrmslzFG0ONz6AuFCN0fPv9SI8wNNIZ:lE4AQb9soMozCpnOLaslzFUbWCcPj0OG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ce72ff27abdfb11d918ef130f1fe7fb_JaffaCakes118
Files
3ce72ff27abdfb11d918ef130f1fe7fb_JaffaCakes118.exe windows:4 windows x86 arch:x86
1f3622cbe40e077b74a422a414baafb5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
HeapFree
GetTimeZoneInformation
GetTimeFormatA
UnhandledExceptionFilter
HeapSize
IsDebuggerPresent
HeapReAlloc
MultiByteToWideChar
VirtualFree
SetEndOfFile
GetCurrentProcess
SetFilePointer
LeaveCriticalSection
HeapCreate
GetSystemTimeAsFileTime
ReadFile
LoadLibraryA
LCMapStringW
GetOEMCP
GetTickCount
RtlUnwind
EnterCriticalSection
GetACP
SetEnvironmentVariableA
WriteConsoleA
WriteFile
EnumResourceTypesA
GetCurrentProcessId
InitializeCriticalSection
SetStdHandle
CompareStringA
CompareStringW
CreateMailslotW
GetCPInfo
FreeLibrary
VirtualAlloc
GetDateFormatA
GetConsoleOutputCP
LCMapStringA
HeapDestroy
SetUnhandledExceptionFilter
RaiseException
GetLocaleInfoA
GetStringTypeW
IsValidCodePage
QueryPerformanceCounter
GetStringTypeA
oleacc
LresultFromObject
AccessibleObjectFromPoint
advapi32
CreateServiceW
SetSecurityInfo
EqualSid
ChangeServiceConfig2W
QueryServiceStatus
CloseServiceHandle
IsValidSecurityDescriptor
QueryServiceLockStatusW
RegCloseKey
EnumDependentServicesW
OpenProcessToken
GetAclInformation
AllocateAndInitializeSid
UnlockServiceDatabase
DeleteService
InitializeAcl
GetTokenInformation
RegOpenKeyExW
LookupAccountSidW
LockServiceDatabase
RegSetValueExW
AddAce
StartServiceA
SetEntriesInAclA
QueryServiceConfigW
RegQueryValueExW
AdjustTokenPrivileges
RegDeleteValueW
SetNamedSecurityInfoW
RegSaveKeyW
GetInheritanceSourceW
IsValidAcl
ChangeServiceConfigW
RegEnumKeyExW
ControlService
LookupPrivilegeDisplayNameA
GetSecurityInfo
InitializeSecurityDescriptor
LookupPrivilegeNameA
RegDeleteKeyW
GetNamedSecurityInfoW
RegCreateKeyExW
LookupPrivilegeValueA
OpenSCManagerW
RegRestoreKeyW
OpenServiceW
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetEntriesInAclW
FreeSid
FreeInheritedFromArray
RegGetKeySecurity
GetAce
RegEnumValueW
Sections
.text Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ