ded39094df86adb83050b9b0c465972d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ded39094df86adb83050b9b0c465972d_JaffaCakes118
Size

51KB
MD5

ded39094df86adb83050b9b0c465972d
SHA1

c347dd750be9f99c1b5673a8eb1a2e1e0cfca4e1
SHA256

162c8c28b257708d5c42e0e18f7ee8d42db8d28800437a7ed0ba73062abd5706
SHA512

29fb57c9c7284a2bfe4f88f8324e00fb0b3fbbd61c1659a53aefd15fcbc89b1c46d713b582aedf037708c5e950907f6554e3f5cf9020cf2d2e27da86c68c936c
SSDEEP

1536:5EZuIOyZZjw4JNxay4kCGynI7wOQTHupt1:5KbOqjw4ay4kCGynIBQTHq/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ded39094df86adb83050b9b0c465972d_JaffaCakes118

Files

ded39094df86adb83050b9b0c465972d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ceea0327c8b0743cd3c59c023ed8f56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
ChangeServiceConfig2A
EqualSid
GetTokenInformation
InitializeSecurityDescriptor
LookupPrivilegeValueA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
SetSecurityDescriptorDacl
StartServiceA

kernel32

CompareStringA
CreateEventA
CreateToolhelp32Snapshot
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetCPInfo
GetCommandLineA
GetConsoleCP
GetCurrentProcessId
GetDriveTypeA
GetEnvironmentStringsA
GetFileAttributesA
GetFileTime
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcessHeap
GetStdHandle
GetStringTypeA
GetSystemTimeAsFileTime
GetTempFileNameA
GetThreadLocale
GetThreadTimes
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalReAlloc
GlobalUnlock
HeapDestroy
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
IsBadWritePtr
LoadLibraryA
LoadLibraryExA
LocalFree
LockResource
MapViewOfFile
Module32First
MoveFileExA
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RemoveDirectoryA
ResumeThread
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetHandleCount
SetThreadPriority
SetUnhandledExceptionFilter
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
WriteConsoleA
WriteFile
lstrcmpiA
lstrlenA

user32

CharUpperA
CheckMenuItem
DefWindowProcA
DestroyIcon
DialogBoxParamA
EnableMenuItem
FillRect
GetCursorPos
GetDesktopWindow
GetSubMenu
GetSystemMenu
GetWindowTextLengthA
IsChild
IsWindowVisible
LoadCursorA
LoadImageA
LoadStringA
MapWindowPoints
MessageBeep
MessageBoxA
MoveWindow
OffsetRect
PostMessageA
ReleaseCapture
ReleaseDC
SendDlgItemMessageA
SetForegroundWindow
SetMenu
SystemParametersInfoA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ceea0327c8b0743cd3c59c023ed8f56

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 17KB - Virtual size: 20KB

.INIT Size: 12KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 20KB

.INIT
Size: 12KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB