Static task: static1
Behavioral task: behavioral1
Sample: aedf58a77b847a9264e7c5f9b29c7304_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: aedf58a77b847a9264e7c5f9b29c7304_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: aedf58a77b847a9264e7c5f9b29c7304_JaffaCakes118
Size: 260KB
MD5: aedf58a77b847a9264e7c5f9b29c7304
SHA1: 7e0de1a575c58c546163cd2193564bfbba01718d
SHA256: 508f368ab56ad090dae729ad748b645a4d9b101c01db8ddf5b49141b32339874
SHA512: 1509cdf39d0d38a0af32a6b02cdf58f05be922d83780e1290082e2a802e84ca44d7dbd399204996079b3611e2d2d5252a554a77ece5e7e7fd02b54f5b6d176d6
SSDEEP: 3072:zpVxRHSi0TFbI2YxO4vizS0n3q6itA760lfzLFWCdKMd/0PPJ+gMRFc55Lc87SR5:TLSi0J1iO4KO4q6Lnv105+/cLoWPBrS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aedf58a77b847a9264e7c5f9b29c7304_JaffaCakes118
Files
aedf58a77b847a9264e7c5f9b29c7304_JaffaCakes118.exe windows:4 windows x86 arch:x86
4a9aa0ee9a2b48d2d4df9b357e4805c9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AddAtomA
CloseHandle
CompareStringA
CreateEventA
CreateToolhelp32Snapshot
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindNextFileA
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
GetCPInfo
GetCurrentProcess
GetCurrentProcessId
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFullPathNameA
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetProcessHeap
GetStdHandle
GetSystemDirectoryA
GetSystemTime
GetThreadLocale
GetTimeZoneInformation
GetVersion
GetWindowsDirectoryA
GlobalFree
GlobalReAlloc
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
IsDebuggerPresent
LoadLibraryA
LoadResource
LocalFree
Module32Next
MulDiv
MultiByteToWideChar
OpenProcess
ReadFile
RemoveDirectoryA
SearchPathA
SetErrorMode
SetLastError
Sleep
SuspendThread
WideCharToMultiByte
WritePrivateProfileStringA
lstrlenA
user32
DialogBoxParamA
LoadCursorA
SendDlgItemMessageA
advapi32
AdjustTokenPrivileges
ChangeServiceConfig2A
ChangeServiceConfigA
GetSecurityDescriptorControl
OpenProcessToken
OpenSCManagerA
OpenServiceA
RegCloseKey
RegOpenKeyExA
UnlockServiceDatabase
Sections
.text Size: 189KB - Virtual size: 192KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.DATA Size: 58KB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ