daa4c75d705e144dd9ba884c483f64fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

daa4c75d705e144dd9ba884c483f64fc_JaffaCakes118
Size

132KB
MD5

daa4c75d705e144dd9ba884c483f64fc
SHA1

59bf89d8bf2bebf43f71ed1dd94f4241cbab4a4e
SHA256

6e9c8cb4e4bc6ef0a9b4a18d8bfeaab5b1a9481f51d3dd367046392ab86aeee4
SHA512

7f4d8f7a956b2944383e6b4202938d2bcee8859243646e840e28c5dbf2c505b758205be649c4aea42bd8cc5fb1acf039d32f28c311c6debd3cb8e87c4760ed96
SSDEEP

1536:yzpU2lPcrI3XT9FWzJeaB7UsiqPEGLn2NW06pL974EU0I5zdbfwmTRS0yj8vhI/5:FWhGLYW06pZZS5RbfZTGjuyIJo77Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daa4c75d705e144dd9ba884c483f64fc_JaffaCakes118

Files

daa4c75d705e144dd9ba884c483f64fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c75539e8cdaeaec4bdf00bb46f497f07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigW
RegQueryValueA
QueryServiceStatus
SetEntriesInAclW
GetSidSubAuthorityCount
RegCloseKey
RevertToSelf
GetKernelObjectSecurity
SetFileSecurityA
RegSetValueExA
RegConnectRegistryA
RegCreateKeyW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
InitializeSid
InitializeSecurityDescriptor
CreateProcessAsUserW
RegEnumKeyExA
SetSecurityDescriptorOwner
RegCreateKeyExA
RegUnLoadKeyW
RegCreateKeyA
RegCreateKeyExW
MakeAbsoluteSD
DeleteService
CreateServiceW
RegOpenKeyExA
OpenSCManagerA
QueryServiceConfigW
LookupAccountNameW

kernel32

EnumResourceNamesW
DebugBreak
GetHandleInformation
DeleteCriticalSection
HeapCreate
CloseHandle
GetCommandLineW
GetTempPathW
GetFullPathNameA
SetCommConfig

shlwapi

PathIsUNCW
StrSpnA
SHDeleteKeyW
PathIsSameRootW
SHRegWriteUSValueW
StrTrimW
SHRegCloseUSKey
StrToIntW
PathGetArgsA
SHQueryValueExA
SHQueryValueExW
PathParseIconLocationW
SHRegGetBoolUSValueW
PathIsRelativeW
PathFileExistsW
SHGetValueW
PathIsSameRootA
StrDupW
PathFindNextComponentA
SHDeleteEmptyKeyA
PathUnquoteSpacesW
PathFindOnPathA
PathSetDlgItemPathW
StrToIntExA
SHRegDeleteEmptyUSKeyW
PathCompactPathExA
PathGetDriveNumberA
PathBuildRootA
PathStripPathA
PathMatchSpecW
PathAddExtensionA
SHDeleteValueW
PathStripToRootA
PathRemoveFileSpecW
PathFindExtensionA
StrCatW
SHEnumKeyExW
PathBuildRootW
PathRenameExtensionW
PathAddBackslashW
StrFormatByteSizeW
SHSetValueW
PathGetDriveNumberW
PathCombineW
SHRegDeleteUSValueW
SHRegCreateUSKeyW
PathFileExistsA
PathUnquoteSpacesA
SHRegGetBoolUSValueA
StrNCatA
SHQueryInfoKeyW
PathIsPrefixA
PathIsContentTypeW
StrCmpW
PathAddBackslashA
StrSpnW
PathGetCharTypeW
PathQuoteSpacesA
StrCmpIW
StrFormatByteSizeA
PathRemoveBackslashW
SHDeleteKeyA
SHRegSetUSValueW
PathParseIconLocationA
PathAppendW
SHEnumValueW
PathFindExtensionW
PathIsUNCServerShareW
PathIsUNCServerShareA
PathFindOnPathW
PathRemoveFileSpecA
PathStripToRootW
StrTrimA
ChrCmpIW
PathCanonicalizeW
PathMakeSystemFolderW
PathIsSystemFolderW
PathIsPrefixW
PathCommonPrefixA
PathIsUNCA
PathRemoveExtensionA
PathSkipRootA
SHRegEnumUSValueW
PathCompactPathExW
PathRenameExtensionA
StrFromTimeIntervalW
StrCpyW
PathIsRelativeA
PathFindFileNameA
PathIsURLA
PathRemoveArgsW
PathQuoteSpacesW
SHSetValueA
SHDeleteEmptyKeyW
PathCompactPathW
PathCombineA
PathRemoveExtensionW
StrDupA
PathIsRootW
StrPBrkA
StrCSpnA
PathAppendA
StrToIntA
PathMakePrettyW
PathRelativePathToW
SHGetValueA
PathIsFileSpecA
PathIsUNCServerW
SHEnumKeyExA
PathCommonPrefixW
StrToIntExW
StrPBrkW
SHRegQueryUSValueW
PathMatchSpecA
SHRegOpenUSKeyW

gdi32

GetEnhMetaFileHeader
Polyline
PlayEnhMetaFile
LPtoDP
GetWindowOrgEx
CreateDIBPatternBrushPt
GetNearestPaletteIndex
EnumFontFamiliesExW
CreateFontIndirectW
PtVisible
GetTextExtentPoint32A
MoveToEx
SetRectRgn
EndPage
GetEnhMetaFileBits
GetTextAlign
ResizePalette
Polygon
CreateBitmap
TextOutA
GetGlyphOutlineW
SaveDC
StretchBlt
SetAbortProc
SetViewportExtEx
Pie
GdiFlush
StartDocA
DeleteEnhMetaFile
SetTextAlign
ScaleWindowExtEx
FillRgn
Rectangle
RectVisible
StartDocW
PolyBezierTo
SelectPalette
SetROP2
OffsetRgn
GetObjectA
CreateCompatibleBitmap
GetTextColor
PatBlt
CreatePenIndirect
StartPage
GetSystemPaletteEntries
GetClipBox
GetStockObject
EnumFontFamiliesA
GetBitmapBits
CreateDCA
SetViewportOrgEx
DeleteDC
GetClipRgn
BeginPath
SelectClipRgn
ExtSelectClipRgn
CombineRgn
SetMapMode
GetDIBColorTable
ExtFloodFill
GetPixel
CreateEllipticRgn
GetTextExtentPoint32W
CreateDIBSection
SetTextCharacterExtra
GetCharWidthA
CreatePen
SetTextColor
CreateSolidBrush
EndPath
StrokePath

wininet

InternetCanonicalizeUrlW
InternetCrackUrlA
InternetGetCookieA
CommitUrlCacheEntryA
FindFirstUrlCacheEntryExW
InternetTimeFromSystemTime
HttpAddRequestHeadersA
FtpRenameFileA
FtpFindFirstFileA
FindNextUrlCacheEntryW
InternetSetCookieA
InternetSetFilePointer
UnlockUrlCacheEntryFile
FtpDeleteFileW
FtpOpenFileW
InternetConnectA
InternetUnlockRequestFile
InternetConnectW
SetUrlCacheEntryGroup
HttpOpenRequestA
GetUrlCacheEntryInfoExA
ReadUrlCacheEntryStream
GopherFindFirstFileW
FtpGetFileA
FindFirstUrlCacheEntryW
FindCloseUrlCache
InternetFindNextFileW
CreateUrlCacheGroup
FtpCreateDirectoryA
FtpGetFileW
GopherOpenFileA
HttpSendRequestExA
FtpDeleteFileA
InternetCheckConnectionW
FindNextUrlCacheEntryExA
HttpOpenRequestW
GopherGetAttributeW
InternetCombineUrlA
InternetSetOptionExA
InternetSetCookieW
InternetQueryOptionW
InternetFindNextFileA
GopherGetLocatorTypeW
InternetGetLastResponseInfoA
CommitUrlCacheEntryW
InternetConfirmZoneCrossing
FtpRemoveDirectoryA
HttpQueryInfoA
GetUrlCacheEntryInfoA
InternetSetStatusCallback
InternetReadFileExA
InternetAutodialHangup
FindFirstUrlCacheEntryA
HttpSendRequestA
InternetGoOnline
FtpFindFirstFileW
HttpSendRequestW
InternetTimeToSystemTime
InternetSetOptionA
FtpOpenFileA
CreateUrlCacheEntryW
InternetCheckConnectionA
InternetGetConnectedState
FtpPutFileA
InternetLockRequestFile
InternetHangUp
FtpRenameFileW
RetrieveUrlCacheEntryFileA
FtpSetCurrentDirectoryW

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c75539e8cdaeaec4bdf00bb46f497f07

Headers

File Characteristics

Imports

advapi32

kernel32

shlwapi

gdi32

wininet

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 47KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 47KB

.rsrc
Size: 28KB - Virtual size: 24KB