ad687aa68db3242754a51c8648feee5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad687aa68db3242754a51c8648feee5e_JaffaCakes118
Size

128KB
MD5

ad687aa68db3242754a51c8648feee5e
SHA1

81d6add11f630f08b6b7b141db9b5e9ead04040d
SHA256

d8574fc3489b02b265977ffd3dc7b49ea15b54f0c692ab562d07dba66ed98280
SHA512

e20555947183d6e4614052ff77b44953e0a541e17b01b0b48b783b663304257a7c7f554384b10b6f8123583d245db5411d940d6190a89fd77e6ff3b23867db30
SSDEEP

3072:00s2PwfE9iKnhbEeIQllwPJM+BDfJKMMiU1m9:00s2PZ9iehQrglSjJKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad687aa68db3242754a51c8648feee5e_JaffaCakes118

Files

ad687aa68db3242754a51c8648feee5e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8df7a152787979df642a5a648fe82227

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA
AdjustTokenPrivileges
OpenProcessToken
CloseServiceHandle
ControlService
CreateServiceA
DeleteService
InitializeSecurityDescriptor

ole32

WriteFmtUserTypeStg
StgCreateDocfileOnILockBytes
ReadClassStg
OleSetClipboard
GetRunningObjectTable
CLSIDFromString
GetConvertStg
CreateFileMoniker
CoUninitialize
CoLockObjectExternal
CoGetClassObject
WriteClassStm

user32

SetMenuInfo
OemToCharA
LoadMenuA
LoadAcceleratorsW
GetDC
GetCursor
CreateIconFromResource
CreateDialogParamA
CharNextA

shell32

SHGetFileInfoA
SHFileOperationA
SHGetMalloc
SHBindToParent

shlwapi

StrStrIA
PathIsRootA
PathIsRelativeA
PathIsDirectoryA
StrChrA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
PathAppendA
SHAutoComplete
PathUnquoteSpacesA
PathQuoteSpacesA
PathFindFileNameA
PathMatchSpecA

msvcrt

time
strlen
__set_app_type
sscanf
realloc
memcpy
memchr
malloc
free
fflush
memmove

kernel32

SetCurrentDirectoryA
UnmapViewOfFile
lstrcatA
lstrcmpA
lstrlenA
OpenFile
LoadLibraryA
HeapAlloc
FindResourceA
CompareStringA
OpenFileMappingA

Exports

Exports

Hvy
Sgx
Yle

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8df7a152787979df642a5a648fe82227

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 32KB

.rdata Size: 31KB - Virtual size: 32KB

.data Size: 31KB - Virtual size: 32KB

.idata Size: 10KB - Virtual size: 12KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 29KB - Virtual size: 32KB

.rdata
Size: 31KB - Virtual size: 32KB

.data
Size: 31KB - Virtual size: 32KB

.idata
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 28KB