Static task
static1
Behavioral task
behavioral1
Sample
3d5051bb4f5260bfa192ee9d4e42405f_JaffaCakes118.exe
Resource
win7-20240705-en
General
Target: 3d5051bb4f5260bfa192ee9d4e42405f_JaffaCakes118
Size: 264KB
MD5: 3d5051bb4f5260bfa192ee9d4e42405f
SHA1: 6152b762e912c4616db4e8f2cba6a5dd51d40891
SHA256: cd106dda916a23cccbca4854dc8dc34e3782f8b1bcf8c4ab8bb1b98ddabb3d17
SHA512: 2b7573f180d321418121467bb2d0edd304bc0505e74a1dc579cedfc60efb685a8d7702c9d5446eed159c41d798d887c3ea28877ae850e6e95f2690f0548e92f9
SSDEEP: 6144:ZzDKvqqLoXBsBpRu6MulUjoZhizAWUfFzgn7lCU8Y1kDsjn1Abju:ZyvqqqBmsrpoZwMXBSCUn0sj1A
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3d5051bb4f5260bfa192ee9d4e42405f_JaffaCakes118
Files
3d5051bb4f5260bfa192ee9d4e42405f_JaffaCakes118.exe windows:4 windows x86 arch:x86
74bc64f7322d0adbdfb087c90e7d12e7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
VirtualAlloc
IsValidCodePage
ReadFile
HeapDestroy
EnterCriticalSection
HeapFree
CompareStringA
GetTickCount
SetFilePointer
WriteConsoleA
GetDateFormatA
LoadLibraryA
GetCurrentProcessId
WriteFile
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
LCMapStringA
TerminateProcess
EnumResourceTypesA
RaiseException
CompareStringW
InitializeCriticalSection
HeapReAlloc
SetStdHandle
GetLocaleInfoA
GetACP
SetEndOfFile
GetConsoleOutputCP
QueryPerformanceCounter
GetTimeZoneInformation
HeapCreate
GetSystemTimeAsFileTime
CompareFileTime
MultiByteToWideChar
IsDebuggerPresent
GetOEMCP
HeapSize
SetEnvironmentVariableA
GetTimeFormatA
VirtualFree
GetCurrentProcess
LeaveCriticalSection
LCMapStringW
GetStringTypeW
GetStringTypeA
iphlpapi
GetIpAddrTable
advapi32
RegGetKeySecurity
RegSaveKeyW
RegOpenKeyExW
LookupPrivilegeDisplayNameA
ChangeServiceConfig2W
GetAclInformation
RegCloseKey
DeleteService
EnumDependentServicesW
FreeSid
RegDeleteValueW
OpenServiceW
StartServiceA
CloseServiceHandle
AdjustTokenPrivileges
SetNamedSecurityInfoW
RegRestoreKeyW
QueryServiceLockStatusW
CreateServiceW
InitializeSecurityDescriptor
OpenSCManagerW
RegDeleteKeyW
IsValidSecurityDescriptor
QueryServiceConfigW
EqualSid
RegSetValueExW
SetSecurityDescriptorDacl
LookupPrivilegeValueA
GetNamedSecurityInfoW
LookupAccountSidW
OpenProcessToken
IsValidAcl
LockServiceDatabase
GetAce
AddAce
SetSecurityInfo
GetInheritanceSourceW
QueryServiceStatus
ChangeServiceConfigW
GetTokenInformation
RegCreateKeyExW
LookupPrivilegeNameA
AllocateAndInitializeSid
SetEntriesInAclW
InitializeAcl
RegQueryValueExW
GetSecurityDescriptorControl
GetSecurityInfo
SetEntriesInAclA
RegEnumKeyExW
ControlService
FreeInheritedFromArray
UnlockServiceDatabase
RegEnumValueW
oleacc
LresultFromObject
AccessibleObjectFromPoint
Sections
.text Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 202KB - Virtual size: 202KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ