Sample: a187544359a44392b1c1210c332138dc_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: a187544359a44392b1c1210c332138dc_JaffaCakes118
Size: 174KB
MD5: a187544359a44392b1c1210c332138dc
SHA1: 1adcc240a08f7be51f58c1629d56a48fa59b05d0
SHA256: 44aec7bdb00a2cd4e5453fc0f39c8b3d91c55714fa87c8bfd1963b7915f3df1d
SHA512: 951f3b0386753b7c5e898b8a8c68609df4e7621caec68e955ab13c51d8685a705054132989a8923547db7c3f4f0077018a8aaf2279205d185bc4b857434cef22
SSDEEP: 1536:PtMcRchAdBP1qo4IDKgKR/hZPO+kwfzSjviHnp7Y80Cpt2Qdw:tcGeCDK7BQ6GjviHnp7Y80CpUQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a187544359a44392b1c1210c332138dc_JaffaCakes118
Files
a187544359a44392b1c1210c332138dc_JaffaCakes118.exe windows:1 windows x86 arch:x86
2ab579534fb87f6aba40504683ea36f2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteValueW
FreeSid
GetTokenInformation
AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExW
RegQueryValueExW
SetSecurityDescriptorDacl
AdjustTokenPrivileges
OpenProcessToken
RegCloseKey
RegQueryValueExA
AddAccessAllowedAce
RegCreateKeyExW
AddAccessAllowedAce
AddAccessAllowedAce
RegCreateKeyExA
RegSetValueExW
RegOpenKeyW
GetLengthSid
AddAccessAllowedAce
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
CloseServiceHandle
RegCloseKey
RegCreateKeyExA
InitializeAcl
CloseServiceHandle
InitializeSecurityDescriptor
RegSetValueExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey
AddAccessAllowedAce
RegEnumValueW
AddAccessAllowedAce
RegEnumKeyExW
RegSetValueExA
RegEnumKeyExW
RegCreateKeyExA
InitializeAcl
RegCreateKeyExW
FreeSid
RegQueryValueExW
AllocateAndInitializeSid
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyW
InitializeSecurityDescriptor
RegQueryInfoKeyW
RegSetValueExA
RegEnumKeyExW
RegQueryValueExW
InitializeSecurityDescriptor
RegSetValueExA
RegQueryInfoKeyW
GetTokenInformation
GetLengthSid
InitializeSecurityDescriptor
RegOpenKeyW
RegSetValueExA
OpenProcessToken
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyW
GetLengthSid
AllocateAndInitializeSid
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA
user32
IsIconic
InvalidateRect
GetCursorPos
GetMenu
ScreenToClient
LoadMenuW
DefWindowProcW
LoadAcceleratorsW
SetTimer
SendDlgItemMessageW
DispatchMessageA
IsWindowVisible
LoadMenuW
SystemParametersInfoW
GetMessageW
KillTimer
GetDesktopWindow
EndDialog
GetDesktopWindow
DestroyWindow
GetWindowLongW
LoadIconW
TranslateMessage
FillRect
EndDialog
MessageBoxA
SendMessageW
SystemParametersInfoW
GetClientRect
ReleaseCapture
IsDlgButtonChecked
PeekMessageW
CheckDlgButton
GetFocus
DispatchMessageW
LoadIconW
kernel32
GetLastError
GetCurrentProcessId
CloseHandle
UnhandledExceptionFilter
LoadLibraryW
LoadLibraryA
DeleteCriticalSection
VirtualFree
SetEvent
InitializeCriticalSection
Sections
Size: 148KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�vmp0 Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
�reloc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�reloc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�reloc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�reloc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE