890f5cc772c4ca6861a43cb0f7eb23b2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

890f5cc772c4ca6861a43cb0f7eb23b2_JaffaCakes118
Size

250KB
MD5

890f5cc772c4ca6861a43cb0f7eb23b2
SHA1

7d54936dc5659b8c685216a5cb9cf36a0127927c
SHA256

ae7df10b1c1f0f84b1a8d95c5d5db57298e0f0d1bf46f895a5aee48434f52c3c
SHA512

4b03ceb982f95785bd1f45fe54f5e4f2049cf74d289ca9bb0027dded9f87fafe915d80e7760422d2afa36e3af395ab4e13c9fa90fc73b00f9ca309660c1e70ed
SSDEEP

6144:+cjlsubtn6BV+/1PSSggDhBkLq2pjMoyYKRKESBv:ziuZ6Bq1aMWqBTSV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
890f5cc772c4ca6861a43cb0f7eb23b2_JaffaCakes118

Files

890f5cc772c4ca6861a43cb0f7eb23b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ac02522db7668811dd224a0577fb68a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryW
CreateEventW
OpenEventW
CloseHandle
FreeLibrary
GetPriorityClass
lstrcpynW
ResetEvent
WaitForMultipleObjects
CreateDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
LocalFree
SetErrorMode
WideCharToMultiByte
OutputDebugStringW
GetModuleHandleW
CreateProcessW
OpenProcess
WaitForSingleObject
SetProcessWorkingSetSize
MulDiv
CreateFileW
DeleteFileW
SetFileAttributesW
WriteFile
LoadLibraryExW
DeviceIoControl
ExpandEnvironmentStringsA
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
SetUnhandledExceptionFilter
PulseEvent
GetLocalTime
GetProcAddress

user32

LoadStringW
KillTimer
PostMessageW
GetSubMenu
SetForegroundWindow
LoadMenuW
AppendMenuW
GetCursorPos
CreatePopupMenu
GetMenuItemCount
RemoveMenu
SetMenuDefaultItem
GetClientRect
RedrawWindow
SetWindowPos
IsWindowVisible
GetDlgCtrlID
GetWindowRect
GetParent
GetDC
ReleaseDC
TranslateAcceleratorW
EnableWindow
SetTimer
PostQuitMessage
RegisterWindowMessageW
LoadImageW
LoadIconW
SendMessageW
UpdateWindow
GetForegroundWindow

gdi32

CreatePatternBrush
DeleteObject
GetObjectW
GetPixel
CreateSolidBrush
CreateCompatibleDC
GetDeviceCaps
RealizePalette
BitBlt
GetDIBColorTable
CreateHalftonePalette
CreateFontIndirectW
GetTextExtentPoint32W
GetStockObject
CreatePalette

advapi32

RegOpenKeyExA
RegQueryValueExA
OpenSCManagerW
OpenServiceW
QueryServiceStatus
StartServiceW
CloseServiceHandle
SetEntriesInAclW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameW

shell32

Shell_NotifyIconW
ShellExecuteW

msoert2

PszAllocA

iaspolcy

DllGetClassObject
DllRegisterServer

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aeN
Size: 1024B - Virtual size: 1005B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uJm
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qQn
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wkrcoE
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SfH
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oCs
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iaQU
Size: 512B - Virtual size: 805B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 213KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Xij
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.F
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XSOpU
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ac02522db7668811dd224a0577fb68a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msoert2

iaspolcy

Sections

.text Size: 17KB - Virtual size: 16KB

.aeN Size: 1024B - Virtual size: 1005B

.uJm Size: 1KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.qQn Size: 512B - Virtual size: 329B

.wkrcoE Size: 1KB - Virtual size: 2KB

.SfH Size: 1KB - Virtual size: 1KB

.oCs Size: 1024B - Virtual size: 1KB

.iaQU Size: 512B - Virtual size: 805B

.data Size: 213KB - Virtual size: 255KB

.Xij Size: 1KB - Virtual size: 2KB

.F Size: 1024B - Virtual size: 1KB

.XSOpU Size: 2KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 17KB - Virtual size: 16KB

.aeN
Size: 1024B - Virtual size: 1005B

.uJm
Size: 1KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.qQn
Size: 512B - Virtual size: 329B

.wkrcoE
Size: 1KB - Virtual size: 2KB

.SfH
Size: 1KB - Virtual size: 1KB

.oCs
Size: 1024B - Virtual size: 1KB

.iaQU
Size: 512B - Virtual size: 805B

.data
Size: 213KB - Virtual size: 255KB

.Xij
Size: 1KB - Virtual size: 2KB

.F
Size: 1024B - Virtual size: 1KB

.XSOpU
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 3KB