a1943c77bf6b5f96bda3e76a3d7eb2be_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1943c77bf6b5f96bda3e76a3d7eb2be_JaffaCakes118
Size

178KB
MD5

a1943c77bf6b5f96bda3e76a3d7eb2be
SHA1

79d97d2fa648a7638beb3c97c0c580a01849b314
SHA256

5d0a49c02cebabbdf15c9b5b078605d9699d89d2e8c2fb9b0692265c1be0e395
SHA512

3b46ebe1fbde30886a1c39c9f85cc4f99dc621895e401ad07d1a926dea249c2a3ac0dc83c45096596162e3f28caf22fe3a2f2300eda263151c6bc39c9c7baf7a
SSDEEP

3072:ALiq3wBrIVQdyb5pNKMcjxAbJpwKxxpi:Eiq3wB8VcoDKMcjxAbJpwKxx8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1943c77bf6b5f96bda3e76a3d7eb2be_JaffaCakes118

Files

a1943c77bf6b5f96bda3e76a3d7eb2be_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a94382177d094708a7fe61727cc8d1cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

InitializeSecurityDescriptor
RegCreateKeyExW
InitializeAcl
GetLengthSid
GetTokenInformation
AllocateAndInitializeSid
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueExA
RegDeleteValueW
RegDeleteValueW
InitializeAcl
InitializeAcl
RegEnumKeyExW
GetLengthSid
GetLengthSid
GetLengthSid
AdjustTokenPrivileges
CloseServiceHandle
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
AdjustTokenPrivileges
AddAccessAllowedAce
RegQueryValueExW
SetSecurityDescriptorDacl
RegEnumKeyExW
OpenProcessToken
RegOpenKeyW
RegQueryValueExW
RegSetValueExA
OpenProcessToken
RegQueryInfoKeyW
OpenThreadToken
RegCreateKeyExW
OpenThreadToken
AllocateAndInitializeSid
RegOpenKeyExA
GetLengthSid
RegQueryValueExW
RegQueryValueExA
AllocateAndInitializeSid
AdjustTokenPrivileges
GetLengthSid
RegCloseKey
RegQueryValueExA
RegDeleteKeyW
RegEnumValueW
RegQueryValueExW
RegCreateKeyExA
AllocateAndInitializeSid
OpenThreadToken
RegCloseKey
SetSecurityDescriptorDacl
OpenProcessToken
RegDeleteKeyW
FreeSid
RegCreateKeyExW
AllocateAndInitializeSid
RegOpenKeyW
RegDeleteValueW
RegOpenKeyExA
RegEnumKeyExW
AllocateAndInitializeSid
RegQueryValueExW
FreeSid
RegCloseKey
InitializeAcl
RegEnumValueW
GetLengthSid
RegOpenKeyExA
AllocateAndInitializeSid
OpenProcessToken
RegOpenKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExA
RegEnumValueW
OpenThreadToken
CloseServiceHandle
GetTokenInformation
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
RegOpenKeyExA
RegCreateKeyExW
OpenProcessToken
RegDeleteValueW
InitializeSecurityDescriptor
GetTokenInformation
AddAccessAllowedAce
RegSetValueExW
RegDeleteKeyW
RegCloseKey
OpenThreadToken
GetTokenInformation
InitializeAcl
FreeSid
InitializeAcl
AllocateAndInitializeSid
FreeSid
RegQueryInfoKeyW
RegOpenKeyExA
OpenThreadToken
RegQueryValueExW
RegQueryValueExW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
AllocateAndInitializeSid
InitializeAcl
InitializeSecurityDescriptor
InitializeSecurityDescriptor
AllocateAndInitializeSid
OpenThreadToken
InitializeSecurityDescriptor
RegCreateKeyExA
RegQueryValueExA
RegEnumValueW
GetTokenInformation
AllocateAndInitializeSid
RegCreateKeyExA
RegSetValueExA
RegSetValueExA
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW
SetSecurityDescriptorDacl

user32

SystemParametersInfoW
PostQuitMessage
MoveWindow
ScreenToClient
SendMessageW
DialogBoxParamW
IsWindow
SendDlgItemMessageW
EndPaint
SetCursor
GetMenu
MessageBoxW
GetMenu
LoadCursorW
CopyRect
GetMenu
BeginPaint
GetWindowTextW
CreateDialogParamW
GetWindow
LoadMenuW
FindWindowW
SendDlgItemMessageW
GetFocus
LoadMenuW
SetCapture
CallWindowProcW
GetSystemMenu
CheckDlgButton
LoadCursorW
LoadIconW
LoadImageW
CreateDialogParamW
SendMessageW
KillTimer
IsDlgButtonChecked
CreateDialogParamW
MessageBoxW
RegisterClassW
IsWindowVisible
DestroyWindow
MessageBoxW
IsIconic
PtInRect
KillTimer
CallWindowProcW
IsDialogMessageW
LoadMenuW
LoadMenuW
EndPaint
IsWindow
GetWindowLongW
PtInRect
EndPaint

kernel32

TerminateProcess
LocalAlloc
ExitProcess
ExitProcess
GetCommandLineW
TerminateProcess
GetCurrentProcessId
GetModuleHandleA
VirtualFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalAlloc
TerminateProcess
GetModuleHandleA
WriteFile
lstrcpyW
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineW
CreateThread
GetStartupInfoW
lstrcmpiW
GetStartupInfoA
CloseHandle
lstrcmpiW
HeapReAlloc
DeleteCriticalSection

Sections

Size: 141KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 512B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 512B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a94382177d094708a7fe61727cc8d1cc

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

Size: 141KB - Virtual size: 156KB

Size: 5KB - Virtual size: 8KB

Size: 5KB - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

Size: 1KB - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

Size: 512B - Virtual size: 512B

Size: 512B - Virtual size: 512B