aef6e6cede661017cb0fc42826a2cb18_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aef6e6cede661017cb0fc42826a2cb18_JaffaCakes118
Size

71KB
MD5

aef6e6cede661017cb0fc42826a2cb18
SHA1

659a0a55a801ed947260d6430fadcdc97874fec5
SHA256

11dd4b711d803adbeb4c84b6a496bb20ca3c929c49236041e3b94d02a4e13b60
SHA512

65ead20cbdd5245bcb013a38bc67ff3cad3249fc65e9466eba08f8943bf4194cbd5d55bc5d0025178aa2bf04922758ad3d712c4db53de02c6bfbc707bb1fbc2a
SSDEEP

1536:tGGIa8F0WfD7py2u/ND6sRuq5mZGO7a9LAfySykD:tGa2ffUf/N+sRuq5rOecLykD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aef6e6cede661017cb0fc42826a2cb18_JaffaCakes118

Files

aef6e6cede661017cb0fc42826a2cb18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4dc484f0e573d70cebe262d1d60b0b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfig2A
CloseServiceHandle
GetTokenInformation
InitializeSecurityDescriptor
LockServiceDatabase
OpenServiceA
RegCloseKey
RegCreateKeyExA
SetServiceStatus

kernel32

CompareStringA
ContinueDebugEvent
CreateDirectoryA
CreateEventA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
ExitProcess
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentThread
GetEnvironmentVariableA
GetExitCodeProcess
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStringTypeA
GetSystemTimeAsFileTime
GetThreadLocale
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LocalAlloc
Module32Next
MoveFileA
OpenEventA
QueryPerformanceCounter
ReadFile
RemoveDirectoryA
ResumeThread
RtlUnwind
SearchPathA
SetEndOfFile
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
SetPriorityClass
SuspendThread
TerminateProcess
TlsFree
UnhandledExceptionFilter
UnmapViewOfFile
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
lstrcpyA
lstrlenA

user32

BeginPaint
CallWindowProcA
CharLowerA
CharPrevA
CharUpperA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DispatchMessageA
FillRect
GetAsyncKeyState
GetFocus
GetSystemMenu
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowThreadProcessId
InflateRect
IsDlgButtonChecked
KillTimer
LoadCursorA
LoadIconA
MapWindowPoints
MessageBoxA
SendMessageA
SetCapture
SetRect
SetTimer
SetWindowTextA
SystemParametersInfoA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

fmtsj
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

pppfs
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4dc484f0e573d70cebe262d1d60b0b6

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 32KB - Virtual size: 36KB

.bss Size: 16KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

fmtsj Size: 1024B - Virtual size: 4KB

pppfs Size: 1024B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 36KB

.bss
Size: 16KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

fmtsj
Size: 1024B - Virtual size: 4KB

pppfs
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB