a792847218164881799d42c75907f8cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a792847218164881799d42c75907f8cd_JaffaCakes118
Size

115KB
MD5

a792847218164881799d42c75907f8cd
SHA1

66266337be66e72d32689c19d2105ada275a2826
SHA256

145701a3618408a2c12c1e471077847145bf994744f7b12ba96f7f32f2f60c9d
SHA512

1dad547667dc5e32888af5c75ec1e76775bfeb32293891bcf64f2a955fad8d6effebc63033dffc247c7ae26522f1a2d1d2acc2e70b529bc7e808c55b0968e25b
SSDEEP

1536:afI9gsYwFT7VHLqqhO5pFhyqMrrflLaHQIOxk5cKL5HEMWt6nW4ZH6WOMIKMMiUW:apDwrRqpnofRw7pVHMiHOMIKMMiU1m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a792847218164881799d42c75907f8cd_JaffaCakes118

Files

a792847218164881799d42c75907f8cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4aa43cc47c35ab26f3c27990e10a3b1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA
ControlService
CreateServiceA
OpenSCManagerA
DeleteService
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueA

ole32

StringFromGUID2
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
OleFlushClipboard
GetRunningObjectTable
GetConvertStg
CreateFileMoniker
CLSIDFromString
CreateDataAdviseHolder
CoTaskMemRealloc
CoTaskMemAlloc
CoLockObjectExternal
CoGetMalloc
CoFileTimeNow
CoCreateGuid
OleSetClipboard

user32

ShowCaret
MessageBeep
LoadIconA
IsCharUpperA
GetWindowTextA
EnableScrollBar
EnableMenuItem
DrawStateA
BeginPaint
ActivateKeyboardLayout
wsprintfA

shell32

SHGetMalloc
SHFileOperationA
SHGetFileInfoA
SHBindToParent

shlwapi

PathIsRootA
PathIsRelativeA
PathIsDirectoryA
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
PathAppendA
StrStrIA
SHAutoComplete
PathUnquoteSpacesA
PathQuoteSpacesA
PathMatchSpecA

msvcrt

vsprintf
strstr
sprintf
rand
malloc
__set_app_type
getenv
strchr
free
fflush
_except_handler3
_errno
memchr

kernel32

OpenFileMappingA
SleepEx
lstrcmpA
LeaveCriticalSection
InterlockedIncrement
HeapAlloc
GetTimeFormatA
GetStartupInfoA
FreeResource
ExitThread
MapViewOfFile

Exports

Exports

Crl
Eob
Gpi
Igo
Jpv
Osb
Rrj
Vdc
Zlj

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4aa43cc47c35ab26f3c27990e10a3b1d

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 32KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 25KB - Virtual size: 28KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 29KB - Virtual size: 32KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 25KB - Virtual size: 28KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB