8babc422f8239e2ddab16c38d72e465f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8babc422f8239e2ddab16c38d72e465f_JaffaCakes118
Size

172KB
MD5

8babc422f8239e2ddab16c38d72e465f
SHA1

7d6448016b5bfbe3db203f775b295c1512146d85
SHA256

a027b5690549bf553ef9c522a3d262ea0478adbc04c5d6e9ba692a2a1d4d4118
SHA512

17bf6cb88fa7837cd847ae5b510bed9ed8439fb847a96fd3b5570aab2567eb9bf32e5111bda22910b71bcaaa0d06f9b0ab0d5e6930354a0767390b636931467d
SSDEEP

1536:6sQo2OUdVWg7SWEjP3/eDRwT6Q69dsT+Bl5VR7UZ07H:6G2OMVWg7M/mNwT679dUCl5VR7Ue

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8babc422f8239e2ddab16c38d72e465f_JaffaCakes118

Files

8babc422f8239e2ddab16c38d72e465f_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2b57c49060afcdc9bb820d96cbad7ea9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
RegDeleteValueW
RegOpenKeyExW
GetTokenInformation
RegDeleteKeyW
CloseServiceHandle
GetLengthSid
RegQueryValueExW
GetTokenInformation
FreeSid
GetTokenInformation
RegEnumValueW
AllocateAndInitializeSid
RegDeleteKeyW
InitializeSecurityDescriptor
AllocateAndInitializeSid
RegOpenKeyExW
RegQueryValueExA
OpenProcessToken
CloseServiceHandle
GetTokenInformation
RegOpenKeyExW
AllocateAndInitializeSid
RegCloseKey
OpenProcessToken
RegDeleteValueW
InitializeAcl
RegCreateKeyExA
RegCreateKeyExA
RegQueryValueExW
RegQueryValueExW
RegOpenKeyW
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
RegQueryInfoKeyW
RegCreateKeyExA
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
CloseServiceHandle
FreeSid
RegSetValueExW
RegCreateKeyExW
GetLengthSid
RegDeleteKeyW
RegEnumKeyExW
OpenThreadToken
SetSecurityDescriptorDacl
RegCreateKeyExA
SetSecurityDescriptorDacl
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeAcl
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyExW
GetLengthSid
OpenThreadToken
RegSetValueExA
AllocateAndInitializeSid

kernel32

EnterCriticalSection
UnhandledExceptionFilter
EnterCriticalSection
FreeLibrary
EnterCriticalSection
LoadLibraryW
ExitProcess
GetModuleFileNameA
GetProcAddress
HeapDestroy

Sections

Size: 143KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 512B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b57c49060afcdc9bb820d96cbad7ea9

Headers

File Characteristics

Imports

advapi32

kernel32

Sections

Size: 143KB - Virtual size: 156KB

Size: 2KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 1KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

�vmp0 Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 1KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 512B

�vmp0
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 1KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB