615667edc082bbe4023986b6f38b530a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

615667edc082bbe4023986b6f38b530a_JaffaCakes118
Size

863KB
MD5

615667edc082bbe4023986b6f38b530a
SHA1

560617e50b2e4f53dc49ef37a267ddb33fd8981b
SHA256

69bee2d6185f4a4a7493dd4a2254e9e3528165d1048b28f21edb8c57777f85b6
SHA512

8e7d8479dc7761e5379e5c0d31084a299cc73d37cb1861f40e5f9183e7bd7657978b2d4b5e8e8ddc456ad1c091c7cb726242a9b4a04ed95d0f618e41dbf4519e
SSDEEP

24576:SUV/P+inz3W9mTSrlUYI4vHjt8jQI1WjB:SK/P+inqODYIs+jQ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
615667edc082bbe4023986b6f38b530a_JaffaCakes118

Files

615667edc082bbe4023986b6f38b530a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1671632ebf44f45dd0b7435af4cd680

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

PrivilegeCheck
RegOpenKeyA
FindFirstFreeAce
BackupEventLogA
DeregisterEventSource
CryptDestroyHash
GetSidSubAuthority
RegDeleteValueA
RegFlushKey
RevertToSelf
CryptSetKeyParam
SetServiceStatus
GetSecurityDescriptorOwner
AllocateAndInitializeSid
CryptSignHashA
GetExplicitEntriesFromAclA
AddAce
ObjectDeleteAuditAlarmA
AccessCheck
GetServiceDisplayNameA
BuildSecurityDescriptorA
RegSaveKeyA
EnumDependentServicesA
RegQueryValueA
GetTrusteeTypeA
CryptHashSessionKey
CryptEncrypt
RegConnectRegistryA
CryptGetKeyParam
QueryServiceObjectSecurity
GetSecurityDescriptorControl
GetAclInformation
IsTextUnicode
ControlService
CopySid
InitializeAcl
ChangeServiceConfigA
SetEntriesInAuditListA
CryptGenKey

user32

GetClassInfoA
EnumClipboardFormats
EnumDisplayMonitors
SendMessageTimeoutA
RemovePropA
GetMenuState
GetWindowInfo
GetMenuCheckMarkDimensions
GetDC
DdeUnaccessData
DefMDIChildProcA
DdeNameService
MsgWaitForMultipleObjects
DrawMenuBar
UnhookWinEvent
SetProcessWindowStation
GetWindowWord
GetScrollBarInfo
GetMessagePos
GetSystemMenu
CharNextExA
DlgDirSelectExA
SetDoubleClickTime
EndMenu
SetSysColors
IsDialogMessage
CreateDialogParamA
ShowWindowAsync
SetWindowContextHelpId
CascadeWindows
IsWindowUnicode
CreateIconIndirect
SetDebugErrorLevel
GetNextDlgTabItem
SetKeyboardState
GetDlgCtrlID
FreeDDElParam
wvsprintfA
DestroyMenu
GetClassWord
RegisterDeviceNotificationA
UnpackDDElParam
ChildWindowFromPointEx
CloseDesktop
GetKeyboardLayoutList
SetMessageExtraInfo
LoadMenuIndirectA
OemToCharA
DrawCaption
SetCaretBlinkTime
OpenDesktopA

Sections

.mncny
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.izu
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.khu
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hozm
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lcfeh
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gvmr
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wbo
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pupqp
Size: 48KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qzgzk
Size: 125KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1671632ebf44f45dd0b7435af4cd680

Headers

File Characteristics

Imports

advapi32

user32

Sections

.mncny Size: 638KB - Virtual size: 1.3MB

.izu Size: 6KB - Virtual size: 8KB

.khu Size: 19KB - Virtual size: 27KB

.hozm Size: 512B - Virtual size: 21KB

.lcfeh Size: 6KB - Virtual size: 15KB

.gvmr Size: 512B - Virtual size: 56B

.wbo Size: 512B - Virtual size: 24B

.pupqp Size: 48KB - Virtual size: 77KB

.qzgzk Size: 125KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.mncny
Size: 638KB - Virtual size: 1.3MB

.izu
Size: 6KB - Virtual size: 8KB

.khu
Size: 19KB - Virtual size: 27KB

.hozm
Size: 512B - Virtual size: 21KB

.lcfeh
Size: 6KB - Virtual size: 15KB

.gvmr
Size: 512B - Virtual size: 56B

.wbo
Size: 512B - Virtual size: 24B

.pupqp
Size: 48KB - Virtual size: 77KB

.qzgzk
Size: 125KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB