8abaeec3bda0324157f5a8622e815574_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8abaeec3bda0324157f5a8622e815574_JaffaCakes118
Size

60KB
MD5

8abaeec3bda0324157f5a8622e815574
SHA1

249a301f65923d9e604f468162d129a9a70dbe45
SHA256

9936bd747c3922cce161dd1a95ce0d73fd8c8d89a83fb18767c9729b6ca6b570
SHA512

af2290d9e28a3df937e80bcbde3a0b3fdcbd6508376954ab52cf6618deb3436ea76723d033b28ef81dceed1d39b807581113997461a6f7f1ad3059b68373296d
SSDEEP

1536:/FDW0mWzDOnvD3r5OKNUMJ59berVa5VoamhEDqkH6A9DY:/FDTm+DAAMJXqba+0H6GDY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8abaeec3bda0324157f5a8622e815574_JaffaCakes118

Files

8abaeec3bda0324157f5a8622e815574_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21c6c106cb9fa13186f1599c411e48ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

QueryServiceObjectSecurity
CryptSetKeyParam
CryptGenKey
GetExplicitEntriesFromAclA
GetMultipleTrusteeA
RegConnectRegistryA
GetTrusteeTypeA
InitializeAcl
GetServiceDisplayNameA
ObjectDeleteAuditAlarmA
RegDeleteValueA
DeregisterEventSource
GetSidSubAuthority
CopySid
CryptHashSessionKey
AllocateAndInitializeSid
SetServiceStatus
ChangeServiceConfigA
CryptEncrypt
CryptSignHashA
AccessCheck
GetAclInformation
PrivilegeCheck
RegUnLoadKeyA
RegQueryValueA
GetSecurityDescriptorOwner
EnumDependentServicesA
RegOpenKeyA
FindFirstFreeAce
ControlService
RegSaveKeyA
IsTextUnicode
BuildSecurityDescriptorA
CryptDestroyHash
CryptContextAddRef

user32

IsCharLowerA
CharToOemBuffA
GetAsyncKeyState
DdeCreateDataHandle
SetSysColors
SetWindowContextHelpId
SetDoubleClickTime
SetKeyboardState
CopyIcon
GetKBCodePage
GetClassWord
GetWindowRect
GetMenuItemCount
ShowWindowAsync
DrawTextExA
EnumPropsExA
GetKeyboardLayoutList
MessageBoxA
wvsprintfA
UpdateWindow
EnumDisplayMonitors
GetIconInfo
GetProcessDefaultLayout
EnumClipboardFormats
GetShellWindow
SetProcessWindowStation
GetWindowWord
ArrangeIconicWindows
LoadIconA
GetComboBoxInfo
DrawFrame
DrawMenuBar
DlgDirSelectExA
PostQuitMessage
CreateIconIndirect
IsDialogMessage
SetWindowRgn
IsWindowUnicode
EnableScrollBar
GetDC
CloseDesktop
RedrawWindow
SetMessageExtraInfo
TileWindows
GetWindowInfo
GetMenuCheckMarkDimensions
CharNextExA
WinHelpA
DdeClientTransaction
LoadMenuIndirectA
CreateDialogParamA
VkKeyScanA
IMPGetIMEA
FreeDDElParam
CreateWindowExA

kernel32

lstrcmpi

Sections

.itgrq
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xete
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rkfk
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yxqr
Size: 27KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21c6c106cb9fa13186f1599c411e48ef

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.itgrq Size: 22KB - Virtual size: 45KB

.xete Size: 5KB - Virtual size: 10KB

.rkfk Size: 1KB - Virtual size: 2KB

.yxqr Size: 27KB - Virtual size: 140KB

.rsrc Size: 2KB - Virtual size: 4KB

.itgrq
Size: 22KB - Virtual size: 45KB

.xete
Size: 5KB - Virtual size: 10KB

.rkfk
Size: 1KB - Virtual size: 2KB

.yxqr
Size: 27KB - Virtual size: 140KB

.rsrc
Size: 2KB - Virtual size: 4KB