Static task
static1
Behavioral task
behavioral1
Sample
c18af4b8171358f6a6230893561eae14_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c18af4b8171358f6a6230893561eae14_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: c18af4b8171358f6a6230893561eae14_JaffaCakes118
Size: 244KB
MD5: c18af4b8171358f6a6230893561eae14
SHA1: def61a6bdb0b641e6fd161bd56c30ef43b9cedef
SHA256: 7e6ca04500bc4a3ac9f1d7bb224bfac56dd32ba4f1422d7c89935ce2c2eba0d2
SHA512: 7a22029b63e6aa6d1ffc78529c275b5f989e896c5d0502bf7549a6c231889a89b0dd48121f74a3c4fc13607a7911a49cdddcc5c5b7ef559013e2c343cda4847a
SSDEEP: 3072:bzjUmOdVkGyiaZyLgTtqjI6y3RiXl49o8tuo5ygfkSdnxlJp7VBiwu9/1s57+Qfu:vjUmOdVLFjLgMjI6sooc+pBQT9eZ+QP+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c18af4b8171358f6a6230893561eae14_JaffaCakes118
Files
-
c18af4b8171358f6a6230893561eae14_JaffaCakes118.exe windows:4 windows x86 arch:x86
300c69fe3c3ae006012661c2d5ca6e6a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoCreateInstance
CLSIDFromString
CoInitialize
OleUninitialize
OleInitialize
advapi32
SetSecurityDescriptorDacl
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
AllocateAndInitializeSid
FreeSid
LookupPrivilegeValueA
GetTokenInformation
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
AdjustTokenPrivileges
SetServiceStatus
SetEntriesInAclA
RegisterServiceCtrlHandlerA
RegSetValueExA
RegEnumKeyA
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
OpenProcessToken
usp10
ScriptItemize
ScriptGetProperties
ScriptGetLogicalWidths
ScriptGetGlyphABCWidth
ScriptIsComplex
winhttp
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpGetDefaultProxyConfiguration
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpTimeFromSystemTime
WinHttpTimeToSystemTime
WinHttpDetectAutoProxyConfigUrl
WinHttpConnect
WinHttpCloseHandle
WinHttpCheckPlatform
WinHttpReadData
kernel32
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
RtlUnwind
GetTimeZoneInformation
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
ReadFile
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
IsBadWritePtr
CreateDirectoryA
DeleteFileA
ResetEvent
VirtualFree
VirtualAlloc
WriteConsoleW
lstrlenA
GetSystemWindowsDirectoryA
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
FatalAppExitA
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
WriteFile
SetFilePointer
FlushFileBuffers
CloseHandle
SetUnhandledExceptionFilter
Exports
Sections
.text Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 761KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ