b83e47502f5edb01f1fa6e137a491ca3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b83e47502f5edb01f1fa6e137a491ca3_JaffaCakes118
Size

59KB
MD5

b83e47502f5edb01f1fa6e137a491ca3
SHA1

d52be116ab377bf91c555e35d4c72c3c40c44717
SHA256

9643a5def52235abffa2279b680ba65d17c43971e1c1081da9ca26fd749d4f94
SHA512

2926c5d2c5ddf6066673b4f5f598be03fd5be6678e1d66ee5f3c3bf6e29a060fd239432712aa7e0859a03516a3a6dae0a5c76fb65910d43557da7714d8081a07
SSDEEP

1536:BkP4KMrp5fHqj6LEa046Qp50G/YFuB6kpuHGRhTNW6:BcQrHzEaN/pqG/YFuMoeGRhTNW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b83e47502f5edb01f1fa6e137a491ca3_JaffaCakes118

Files

b83e47502f5edb01f1fa6e137a491ca3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

359fe6068c1986d5c9bdfed9e1f81a5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetServiceDisplayNameA
GetSidSubAuthority
CopySid
GetSecurityDescriptorOwner
IsTextUnicode
ControlService
BackupEventLogA
QueryServiceObjectSecurity
CryptSetKeyParam
GetSecurityDescriptorControl
RegFlushKey
GetAclInformation
PrivilegeCheck
ChangeServiceConfigA
CryptGenKey
CryptGetKeyParam
CryptHashSessionKey
AllocateAndInitializeSid
CryptSignHashA
BuildSecurityDescriptorA
EnumDependentServicesA
FindFirstFreeAce
CryptContextAddRef
CryptEncrypt
AccessCheck
RegConnectRegistryA
RegDeleteValueA
RegUnLoadKeyA
AddAce
SetServiceStatus
OpenEventLogA
DeregisterEventSource
RegQueryValueA
RegOpenKeyA
CryptDestroyHash
GetNumberOfEventLogRecords
GetMultipleTrusteeA

user32

GetScrollBarInfo
LoadIconA
GetIconInfo
MsgWaitForMultipleObjects
ShowWindowAsync
CharToOemBuffA
EnumPropsExA
DdeUnaccessData
GetWindowInfo
DdeClientTransaction
GetMenuItemCount
DdeEnableCallback
PackDDElParam
SetKeyboardState
IsCharLowerA
DdeGetLastError
DdeNameService
InvalidateRgn
MapVirtualKeyExA
GetDoubleClickTime
CascadeWindows
SetScrollInfo
GetClassWord
SwitchToThisWindow
CheckMenuItem
GetProcessDefaultLayout
SetSysColors
GetShellWindow
GetAsyncKeyState
GetWindowWord
CopyIcon
UnpackDDElParam
RemovePropA
SetWindowContextHelpId
EnableScrollBar
UpdateWindow
LoadAcceleratorsA
SetDebugErrorLevel
GetNextDlgTabItem
GetKBCodePage
CreateIconIndirect
DlgDirSelectExA
wvsprintfA
UnhookWinEvent
SetWindowRgn
LookupIconIdFromDirectory
TranslateAccelerator
CreateWindowExA
DdeCreateDataHandle
OpenDesktopA
GetComboBoxInfo
SetDoubleClickTime
CharNextExA

kernel32

GetModuleFileNameA

Sections

.dexu
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ebg
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.podmt
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fuj
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

359fe6068c1986d5c9bdfed9e1f81a5a

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.dexu Size: 22KB - Virtual size: 45KB

.ebg Size: 5KB - Virtual size: 10KB

.podmt Size: 1024B - Virtual size: 1KB

.fuj Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.dexu
Size: 22KB - Virtual size: 45KB

.ebg
Size: 5KB - Virtual size: 10KB

.podmt
Size: 1024B - Virtual size: 1KB

.fuj
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB