6aae40f3e31b4f623ce780cce9deda3e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6aae40f3e31b4f623ce780cce9deda3e_JaffaCakes118
Size

56KB
MD5

6aae40f3e31b4f623ce780cce9deda3e
SHA1

8c98021ca02ae5bca64a3e0eccc2ba9d926ba829
SHA256

7135e5da5fb10f4a800706d321ca175f43ae9954eb0793fee7f75bfa0b748904
SHA512

ac524fc62cdbbe17229c16c513f741bc3db7106100b3514c7a77f12fa56005c997e915b84819a0f1348021e79e7d7f27b6a8f5174a0ace226d546bd683214a07
SSDEEP

768:s6CuPELuRxWabLV6HT3a48EqHBMnx6gPJ2qrYFe7ORiwGKmUQzVqJ6:Xuu7XH/vOHPMqreVcP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aae40f3e31b4f623ce780cce9deda3e_JaffaCakes118

Files

6aae40f3e31b4f623ce780cce9deda3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

060b3802ff6ab4fae9d43da67f25e070

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
GetShortPathNameW
InitializeCriticalSection
GetExitCodeThread
RemoveDirectoryW
GetWindowsDirectoryW
QueryPerformanceCounter
SetUnhandledExceptionFilter
CreateDirectoryW
Sleep
GetTickCount
GetFileAttributesW
lstrcpynA
lstrlenA
GetLastError
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
GetCurrentProcess
FreeLibrary
MultiByteToWideChar
LoadLibraryW
SetEvent
WaitForSingleObject
GetCurrentThread
GetModuleFileNameW
CreateEventW
GetVersionExW
GetCurrentThreadId
GetCurrentProcessId
GetProcAddress

user32

PeekMessageW

advapi32

EqualSid
SetThreadToken
DuplicateToken
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExW
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
FreeSid
RegDeleteKeyW
RegDeleteKeyA
RegEnumValueW
RegEnumKeyW
RegUnLoadKeyW
RegLoadKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
DuplicateTokenEx
RevertToSelf

shell32

SHGetDesktopFolder

serialui

drvCommConfigDialogA
drvGetDefaultCommConfigA
drvSetDefaultCommConfigA

wmi

GetTraceEnableLevel
WmiSetSingleInstanceW
SetTraceCallback

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gkQ
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.J
Size: 4KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HzaQz
Size: 1KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SNYy
Size: 512B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xTReP
Size: 8KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DGydnY
Size: 11KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

060b3802ff6ab4fae9d43da67f25e070

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

serialui

wmi

Sections

.text Size: 14KB - Virtual size: 14KB

.gkQ Size: 4KB - Virtual size: 6KB

.J Size: 4KB - Virtual size: 153KB

.HzaQz Size: 1KB - Virtual size: 308KB

.rdata Size: 2KB - Virtual size: 38KB

.SNYy Size: 512B - Virtual size: 36KB

.xTReP Size: 8KB - Virtual size: 77KB

.data Size: 6KB - Virtual size: 129KB

.DGydnY Size: 11KB - Virtual size: 101KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.gkQ
Size: 4KB - Virtual size: 6KB

.J
Size: 4KB - Virtual size: 153KB

.HzaQz
Size: 1KB - Virtual size: 308KB

.rdata
Size: 2KB - Virtual size: 38KB

.SNYy
Size: 512B - Virtual size: 36KB

.xTReP
Size: 8KB - Virtual size: 77KB

.data
Size: 6KB - Virtual size: 129KB

.DGydnY
Size: 11KB - Virtual size: 101KB

.rsrc
Size: 3KB - Virtual size: 2KB