743b434e0ae518904f5a7ecd065e1d6d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

743b434e0ae518904f5a7ecd065e1d6d_JaffaCakes118
Size

185KB
MD5

743b434e0ae518904f5a7ecd065e1d6d
SHA1

8f972e28921966d65834c8aec0534d02a278c540
SHA256

0617c51c2fdf2618c8417bdb603155d9fd277a9aa2d1832078e9c9e21fec9f25
SHA512

cffc658846d77182aee304cedddd722b65baaefa5377a24c17f3b7871de527e42f1f82efdf044d12093108efab5afdf901504d8a28b4853e1b80d1542cccee88
SSDEEP

3072:ME+ATjwnadICpo4kjG8Lflb0VjcQIGa8GyKACR+tUO7:ME/pdqRq8GVjcQIGa8GyKACR+N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
743b434e0ae518904f5a7ecd065e1d6d_JaffaCakes118

Files

743b434e0ae518904f5a7ecd065e1d6d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

9a3df6221029ce0ac29b34767039309b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenThreadToken
AllocateAndInitializeSid
RegDeleteValueW
GetLengthSid
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExA
RegEnumValueW
RegOpenKeyExA
RegDeleteKeyW
SetSecurityDescriptorDacl
RegQueryValueExW
RegDeleteKeyW
InitializeSecurityDescriptor
CloseServiceHandle
InitializeSecurityDescriptor
RegEnumKeyExW
RegOpenKeyW
RegCloseKey
AdjustTokenPrivileges
RegSetValueExA
RegOpenKeyW
RegSetValueExA
RegQueryValueExA
AdjustTokenPrivileges
CloseServiceHandle
InitializeAcl
RegEnumKeyExW
RegSetValueExA
OpenProcessToken
RegSetValueExW
RegEnumKeyExW
RegEnumKeyExW
RegOpenKeyW
FreeSid
RegSetValueExW
AllocateAndInitializeSid
OpenThreadToken
RegQueryValueExA
AllocateAndInitializeSid
RegSetValueExW
RegQueryInfoKeyW
SetSecurityDescriptorDacl
RegQueryInfoKeyW
InitializeSecurityDescriptor
OpenProcessToken
RegDeleteValueW
AdjustTokenPrivileges
RegOpenKeyExA
RegOpenKeyExA
RegCreateKeyExA
OpenThreadToken
RegEnumValueW
GetTokenInformation
RegDeleteValueW
FreeSid
OpenThreadToken
RegOpenKeyExA
AdjustTokenPrivileges
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegEnumValueW
GetLengthSid
InitializeAcl
CloseServiceHandle
GetLengthSid
RegCreateKeyExA
InitializeAcl
RegOpenKeyExW
AllocateAndInitializeSid
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyW
CloseServiceHandle
InitializeAcl
AddAccessAllowedAce
OpenThreadToken
InitializeAcl
CloseServiceHandle
RegEnumValueW
OpenProcessToken
RegCreateKeyExA
RegEnumValueW
AddAccessAllowedAce
AdjustTokenPrivileges
RegEnumKeyExW
RegCreateKeyExW
InitializeSecurityDescriptor
RegOpenKeyExA
AdjustTokenPrivileges
GetTokenInformation
AdjustTokenPrivileges
RegOpenKeyW
RegOpenKeyW
RegCreateKeyExA
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
OpenThreadToken
GetLengthSid
RegCreateKeyExA
RegCloseKey
FreeSid
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteValueW
RegOpenKeyW
GetTokenInformation
OpenProcessToken
RegOpenKeyW
OpenThreadToken
RegDeleteKeyW
RegCreateKeyExA
RegCloseKey
SetSecurityDescriptorDacl
RegDeleteValueW
FreeSid
RegEnumValueW
RegEnumKeyExW
OpenThreadToken
GetLengthSid
RegQueryValueExA
RegCloseKey
FreeSid
GetLengthSid
RegOpenKeyW

user32

GetDlgItem
RegisterClassExW
wsprintfA
GetWindowTextW
MoveWindow
IsIconic
GetParent
LoadAcceleratorsW
GetClientRect
GetSystemMenu
DestroyIcon
IsWindow
SetWindowTextW
LoadMenuW
wsprintfA
IsDlgButtonChecked
GetDlgItem
LoadImageW
GetWindowRect
TranslateMessage
SetFocus
ScreenToClient
CopyRect
LoadImageW
GetWindowTextW
GetSysColor
ScreenToClient
CallWindowProcW
SendDlgItemMessageW
LoadStringW
DestroyIcon
LoadAcceleratorsW
LoadAcceleratorsW
IsIconic
DefWindowProcW
wsprintfA
SetFocus
IsDialogMessageW
SetTimer
CheckDlgButton
MessageBeep
BeginPaint
ReleaseDC
OffsetRect
SetWindowPos
GetDesktopWindow
GetDesktopWindow
wsprintfA
DefWindowProcW
SetRect
DispatchMessageW
LoadStringW
EnableWindow
wsprintfW
MessageBeep
GetWindowLongW
SetFocus
SendDlgItemMessageW
SendDlgItemMessageW
DrawTextW

kernel32

SetUnhandledExceptionFilter
HeapReAlloc
SetLastError
lstrcpyW
HeapDestroy
GetProcessHeap
GetLastError
UnhandledExceptionFilter
FormatMessageW
QueryPerformanceCounter
GetLastError
HeapDestroy
GetModuleFileNameA
WriteFile
GetProcessHeap
VirtualFree
WideCharToMultiByte
WaitForSingleObject
SetEvent
lstrcmpiW
TerminateProcess
LoadLibraryA

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9a3df6221029ce0ac29b34767039309b

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

Size: 148KB - Virtual size: 160KB

Size: 5KB - Virtual size: 8KB

Size: 6KB - Virtual size: 6KB

Size: 1024B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB