Static task
static1
Behavioral task
behavioral1
Sample
b5a4f4982796bfe4353a25c501349631_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b5a4f4982796bfe4353a25c501349631_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: b5a4f4982796bfe4353a25c501349631_JaffaCakes118
Size: 59KB
MD5: b5a4f4982796bfe4353a25c501349631
SHA1: d697c675c35f796a5cc5b31c97ec7ff2d81ebb1c
SHA256: cfff6e8e1a049f8d19752dce8015f810ae4d6df6d112ba58c075858a7a103aea
SHA512: 652f303a74e0b6261e543af785ca79c1c44b6123d83d27fe1db26c4448e581db94d418e87f508f3df93405ab38e32e07f8cf92ec603963301a93e49b499779f8
SSDEEP: 1536:XHtVspZz0jg2jEv0okEdFgoZD/JyzArftMlHfkgDU:dVspFrA6kqF1ZD/J2Arft2HfRDU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b5a4f4982796bfe4353a25c501349631_JaffaCakes118
Files
b5a4f4982796bfe4353a25c501349631_JaffaCakes118.exe windows:4 windows x86 arch:x86
35114aa4e38cb02a7425888d9d2b844e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
AllocateAndInitializeSid
GetSecurityDescriptorControl
CryptContextAddRef
GetServiceDisplayNameA
CryptEncrypt
RegSaveKeyA
AccessCheck
CryptDestroyHash
GetSidSubAuthority
OpenEventLogA
RegUnLoadKeyA
GetMultipleTrusteeA
ControlService
CryptGenKey
BuildSecurityDescriptorA
AddAce
GetNumberOfEventLogRecords
GetExplicitEntriesFromAclA
IsTextUnicode
GetAclInformation
InitializeAcl
QueryServiceObjectSecurity
SetEntriesInAuditListA
SetServiceStatus
RegConnectRegistryA
GetTrusteeTypeA
CryptGetKeyParam
CryptHashSessionKey
FindFirstFreeAce
CopySid
GetSecurityDescriptorOwner
ChangeServiceConfigA
RegFlushKey
ObjectDeleteAuditAlarmA
EnumDependentServicesA
RegQueryValueA
BackupEventLogA
RegDeleteValueA
RevertToSelf
user32
SendIMEMessageExA
SetDoubleClickTime
SetScrollInfo
GetDlgCtrlID
EnumDisplayMonitors
DdeClientTransaction
AlignRects
DdeEnableCallback
FreeDDElParam
DrawCaption
InvalidateRgn
ArrangeIconicWindows
DlgDirSelectExA
LoadMenuIndirectA
GetKBCodePage
CloseDesktop
RegisterDeviceNotificationA
EnableScrollBar
DdeQueryStringA
SetMenuDefaultItem
DdeGetLastError
InsertMenuItemA
UpdateWindow
IsCharLowerA
BringWindowToTop
DdeNameService
RemovePropA
CreateIconIndirect
DestroyAcceleratorTable
PostQuitMessage
SetClipboardData
PackDDElParam
SetCaretBlinkTime
DrawMenuBar
IsDialogMessage
ChangeMenuA
ScrollDC
GetClipboardFormatNameA
ChildWindowFromPointEx
MapVirtualKeyExA
SetMessageExtraInfo
GetWindowWord
OemToCharA
GetLastActivePopup
RedrawWindow
InSendMessage
SetProcessWindowStation
MsgWaitForMultipleObjects
VkKeyScanA
MonitorFromPoint
DestroyMenu
shlwapi
PathAppendA
Sections
.mbubi Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.durs Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dator Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gnq Size: 27KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ