77ba8dc6c3914b1706589db2b68d999f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

77ba8dc6c3914b1706589db2b68d999f_JaffaCakes118
Size

862KB
MD5

77ba8dc6c3914b1706589db2b68d999f
SHA1

edc27b068de70b0f2dcce4f8fe0fb620e60f8f21
SHA256

f9c6ac4eb2c03e4278849f9af1fbf1b473b200109b78858add574e239bfd991c
SHA512

53b92c0646191c25bb4bd0378300bbb69986c0f1f4d4851f1343349f87807fbf014b1364a57c1331ba8efcf4bf2b16bc2466b8cb02aaacf87047e94c403ba951
SSDEEP

12288:8Va8qPJFJSchLVbssoQ88SrDDHqf/XzC9YlJaMNwBVnTORO3hM3sGL9mDHo8v:8ZqxSCL8i/XaGCnCRwKsGLqHo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77ba8dc6c3914b1706589db2b68d999f_JaffaCakes118

Files

77ba8dc6c3914b1706589db2b68d999f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cca619a536c005623a69850982aefc1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptDestroyHash
CryptSignHashA
FindFirstFreeAce
GetTrusteeTypeA
PrivilegeCheck
QueryServiceObjectSecurity
RegFlushKey
RegQueryValueA

kernel32

DeleteFileA

shlwapi

ColorHLSToRGB
PathIsFileSpecA
SHRegWriteUSValueA

user32

CharToOemBuffA
DestroyAcceleratorTable
DestroyMenu
DrawFrame
GetWindowInfo
InvertRect
LoadAcceleratorsA
MapVirtualKeyExA
wvsprintfA

Sections

.vuny
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uzu
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adi
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xwlol
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mrejy
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bkf
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.knaza
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vazy
Size: 49KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odkva
Size: 123KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cca619a536c005623a69850982aefc1c

Headers

File Characteristics

Imports

advapi32

kernel32

shlwapi

user32

Sections

.vuny Size: 638KB - Virtual size: 1.3MB

.uzu Size: 6KB - Virtual size: 8KB

.adi Size: 19KB - Virtual size: 27KB

.xwlol Size: 512B - Virtual size: 21KB

.mrejy Size: 6KB - Virtual size: 15KB

.bkf Size: 512B - Virtual size: 56B

.knaza Size: 512B - Virtual size: 24B

.vazy Size: 49KB - Virtual size: 77KB

.odkva Size: 123KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.vuny
Size: 638KB - Virtual size: 1.3MB

.uzu
Size: 6KB - Virtual size: 8KB

.adi
Size: 19KB - Virtual size: 27KB

.xwlol
Size: 512B - Virtual size: 21KB

.mrejy
Size: 6KB - Virtual size: 15KB

.bkf
Size: 512B - Virtual size: 56B

.knaza
Size: 512B - Virtual size: 24B

.vazy
Size: 49KB - Virtual size: 77KB

.odkva
Size: 123KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB