Static task: static1
Behavioral task: behavioral1
Sample: ac53d34e66b23754903b04ec673ea731_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: ac53d34e66b23754903b04ec673ea731_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ac53d34e66b23754903b04ec673ea731_JaffaCakes118
Size: 141KB
MD5: ac53d34e66b23754903b04ec673ea731
SHA1: ebe89fcf7be28cfeaac34e59b1aade143195ccf4
SHA256: 2dbcb348929e4aed735a36eddc1eddbc6790c5badf7239d960158a32530f1edc
SHA512: b37c53eb8a0ed1a0deaca3988a185dd69be9887ed526c11a5e12b70a52786664156b6d6a0cdaae1cf1a499576aa9137e0c8fa8c94025a9a56da61a39c6845d8b
SSDEEP: 1536:UqynealCCCauv0sm/IFsg8X9MBFdr+YUzOHgwwJ/71klC6q55DeoXHqnAi2z6r8z:Uq8eEwO39cHwpLD7HB6KF/x
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac53d34e66b23754903b04ec673ea731_JaffaCakes118
Files
ac53d34e66b23754903b04ec673ea731_JaffaCakes118.exe windows:4 windows x86 arch:x86
18f334aab2452a143adada67f47dce91
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateProcessA
OpenSemaphoreW
CompareStringA
SearchPathW
SetThreadPriorityBoost
SetStdHandle
EnumSystemCodePagesA
CreateIoCompletionPort
GetEnvironmentVariableW
LocalReAlloc
QueryDosDeviceA
GetCurrentDirectoryW
ExitProcess
GetSystemTime
_hread
GetStartupInfoA
FlushFileBuffers
SetCommMask
IsDBCSLeadByteEx
WritePrivateProfileSectionA
CreateMutexA
GetNumberFormatW
GetModuleFileNameW
VirtualQuery
MoveFileW
GlobalFindAtomW
FindResourceExW
FatalAppExitA
GetSystemTimeAsFileTime
FreeLibrary
TryEnterCriticalSection
LocalSize
ReleaseSemaphore
SetCommTimeouts
DebugBreak
FillConsoleOutputCharacterA
LoadResource
GetDriveTypeA
GetCommandLineA
VirtualAlloc
SetHandleCount
user32
UnregisterHotKey
GetQueueStatus
gdi32
StretchBlt
GetWindowExtEx
InvertRgn
GetTextAlign
advapi32
CryptVerifySignatureA
RegisterEventSourceA
SetFileSecurityW
InitializeAcl
CryptHashData
CryptSetProvParam
RegOpenKeyExA
AccessCheckAndAuditAlarmW
AbortSystemShutdownW
RegConnectRegistryW
GetFileSecurityW
IsValidSid
ObjectCloseAuditAlarmW
RegUnLoadKeyA
RegEnumKeyExW
RevertToSelf
RegCreateKeyA
ImpersonateLoggedOnUser
SetSecurityDescriptorOwner
LookupPrivilegeNameA
SetPrivateObjectSecurity
CryptSignHashW
RegOpenKeyExW
GetPrivateObjectSecurity
EnumServicesStatusW
GetSidSubAuthorityCount
MapGenericMask
ChangeServiceConfigA
GetCurrentHwProfileW
SetTokenInformation
StartServiceCtrlDispatcherW
GetSecurityDescriptorOwner
IsValidSecurityDescriptor
shell32
SHFileOperationW
SHChangeNotify
Shell_NotifyIconW
SHLoadInProc
ole32
OleSaveToStream
OleSave
GetRunningObjectTable
OleRegGetMiscStatus
oleaut32
SysAllocStringLen
SetErrorInfo
comctl32
ImageList_SetImageCount
ImageList_Merge
shlwapi
PathCanonicalizeA
StrToIntW
PathFindOnPathW
StrCmpLogicalW
PathCompactPathExW
SHCopyKeyA
StrTrimA
SHRegOpenUSKeyW
StrFormatByteSize64A
StrCmpNA
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 264KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE