7534c6f5b24ccd370fb187b3363055c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7534c6f5b24ccd370fb187b3363055c5_JaffaCakes118
Size

59KB
MD5

7534c6f5b24ccd370fb187b3363055c5
SHA1

4376bc0a8fd2fcf5685df5e26d3fee92398126bb
SHA256

1eacc4b81b0b97be22444bce3970e3bf80b46d9949121ec9dbcd90fab4a9406a
SHA512

ff4c892fdbfb39c53a79f25513397071386316a4d0c9c06dd149b7d9ceafff8c5c8bc7868bbdf456ad5938cb07536b54f7b9e71b48a6d7cf63bcf7dfdc4f0f4d
SSDEEP

1536:U8VpmlJhVFjvzIA2oJ0waJT3+CDYDErjhqR:U87mZVoMRqT3+CDnrjhqR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7534c6f5b24ccd370fb187b3363055c5_JaffaCakes118

Files

7534c6f5b24ccd370fb187b3363055c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37b6be7c1e151709211fc5f4befbcfe6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGenKey
DeregisterEventSource
ChangeServiceConfigA
CryptSetKeyParam
PrivilegeCheck
AddAce
RegConnectRegistryA
GetAclInformation
RegFlushKey
RegSaveKeyA
BuildSecurityDescriptorA
QueryServiceObjectSecurity
CopySid
CryptGetKeyParam
GetMultipleTrusteeA
SetEntriesInAuditListA
IsTextUnicode
GetNumberOfEventLogRecords
RegDeleteValueA
GetExplicitEntriesFromAclA
FindFirstFreeAce
OpenEventLogA
RegUnLoadKeyA
CryptEncrypt
InitializeAcl
RegQueryValueA
CryptSignHashA
EnumDependentServicesA
RegOpenKeyA
GetSidSubAuthority
GetTrusteeTypeA
AccessCheck
ObjectDeleteAuditAlarmA
GetServiceDisplayNameA
ControlService
RevertToSelf

user32

GetIconInfo
GetClassInfoA
GetKeyboardLayoutList
LoadIconA
GetMenuCheckMarkDimensions
ToUnicodeEx
SetMenuDefaultItem
DefMDIChildProcA
UnpackDDElParam
GetTopWindow
BringWindowToTop
DdeNameService
PostQuitMessage
GetScrollBarInfo
CopyIcon
GetNextDlgTabItem
ChildWindowFromPointEx
CharNextExA
SetWindowContextHelpId
SetDoubleClickTime
SetKeyboardState
CreateIconIndirect
RegisterDeviceNotificationA
RegisterWindowMessageA
AlignRects
DdeUnaccessData
TranslateAccelerator
GetShellWindow
TileWindows
DdeQueryStringA
OemToCharA
SendIMEMessageExA
DestroyAcceleratorTable
GetProcessDefaultLayout
SetSysColors
DrawFrame
GetClassWord
DdeGetLastError
MonitorFromPoint
GetMenuItemCount
ArrangeIconicWindows
SetScrollInfo
WinHelpA
SetWindowRgn
MsgWaitForMultipleObjects
GetMenuState
GetDoubleClickTime
GetAsyncKeyState
IsCharLowerA
UnhookWinEvent
GetDlgCtrlID
GetWindowInfo
EnumPropsExA
GetDC

Sections

.opaj
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tkdiv
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avk
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gleh
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37b6be7c1e151709211fc5f4befbcfe6

Headers

File Characteristics

Imports

advapi32

user32

Sections

.opaj Size: 22KB - Virtual size: 45KB

.tkdiv Size: 5KB - Virtual size: 10KB

.avk Size: 1024B - Virtual size: 1KB

.gleh Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.opaj
Size: 22KB - Virtual size: 45KB

.tkdiv
Size: 5KB - Virtual size: 10KB

.avk
Size: 1024B - Virtual size: 1KB

.gleh
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB