e0b5a8823711f0c016fd3a73ce2cbaf1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e0b5a8823711f0c016fd3a73ce2cbaf1_JaffaCakes118
Size

55KB
MD5

e0b5a8823711f0c016fd3a73ce2cbaf1
SHA1

9d738373ef7a17039cf9e1aca1d730cd3d54cd1b
SHA256

837c2127f497c1594aacf1cfba3fe3e31eeca8162eafd5fd0f876fb7fd9dd8f9
SHA512

ac208f56f079a1913964aee41fc23829d4b37640786a9c0783a8f7d2c1960472a8f2e40f4c0e10032883dafbda93fe6898ae52551b2669b649f5f89d37eacec1
SSDEEP

768:YLg5ydGP6wV80Cm0EA+WPdeoXaXnLePA39cWG/DYwj27DAlo1hRR:YLg5eGLVbCz+WVeL6k+WGUChuRR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0b5a8823711f0c016fd3a73ce2cbaf1_JaffaCakes118

Files

e0b5a8823711f0c016fd3a73ce2cbaf1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df261d4d90c87545518ebe076a06489a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveFileSpecA

advapi32

AdjustTokenPrivileges
CloseServiceHandle
GetUserNameA
ImpersonateSelf
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RevertToSelf
SetSecurityDescriptorDacl

kernel32

CreateEventA
CreateMutexA
FindResourceW
FreeLibrary
GetACP
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcessHeap
GetShortPathNameA
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetTickCount
GetTimeFormatA
GetVersionExA
GetVolumeInformationA
GlobalAlloc
InitializeCriticalSection
LoadLibraryA
LocalFree
MulDiv
MultiByteToWideChar
OpenEventA
OpenMutexA
SetErrorMode
SetEvent
Sleep
WaitForMultipleObjects
WaitForSingleObject
lstrcmpiA
lstrcpynA
lstrlenA
lstrcmpW
GetProcAddress

netapi32

NetServerEnum

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wsock32

WSACleanup
WSAGetLastError
WSAStartup
closesocket
connect
gethostbyname
htons
ioctlsocket
inet_addr
recv
send
socket

comctl32

ImageList_Draw
ImageList_GetIconSize

comdlg32

GetOpenFileNameW

gdi32

CreateCompatibleDC
CreateFontIndirectW
CreateRectRgn
DeleteObject
StretchDIBits

shell32

SHBrowseForFolderW
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteW

user32

CharPrevA
CharUpperA
DestroyIcon
GetCursorPos
GetForegroundWindow
GetSystemMetrics
InvalidateRect
IsIconic
MessageBoxA
OffsetRect
OpenClipboard
PostMessageA
RegisterClassW
SendMessageW
SetCapture
SetFocus
SetForegroundWindow
SetTimer
SetWindowPos
WinHelpA

ole32

CoCreateInstance
CoInitialize
CoInitializeEx
CoUninitialize

oleaut32

OleLoadPicture
SysAllocStringByteLen
SysAllocStringLen
SysFreeString

serialui

drvCommConfigDialogA
drvCommConfigDialogW
drvSetDefaultCommConfigA

hnetmon

InitHelperDll

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jJyU
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ihBjmu
Size: 1KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MMkTw
Size: 1KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YqUuA
Size: 2KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yIoX
Size: 6KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zcP
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AV
Size: 1KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SwSqn
Size: 7KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zax
Size: 3KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Z
Size: 4KB - Virtual size: 727KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df261d4d90c87545518ebe076a06489a

Headers

File Characteristics

Imports

shlwapi

advapi32

kernel32

netapi32

version

wsock32

comctl32

comdlg32

gdi32

shell32

user32

ole32

oleaut32

serialui

hnetmon

Sections

.text Size: 11KB - Virtual size: 11KB

.jJyU Size: 1024B - Virtual size: 1KB

.ihBjmu Size: 1KB - Virtual size: 65KB

.rdata Size: 3KB - Virtual size: 51KB

.MMkTw Size: 1KB - Virtual size: 266KB

.YqUuA Size: 2KB - Virtual size: 516KB

.yIoX Size: 6KB - Virtual size: 91KB

.zcP Size: 1KB - Virtual size: 32KB

.AV Size: 1KB - Virtual size: 118KB

.data Size: 7KB - Virtual size: 243KB

.SwSqn Size: 7KB - Virtual size: 66KB

.zax Size: 3KB - Virtual size: 605KB

.Z Size: 4KB - Virtual size: 727KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.jJyU
Size: 1024B - Virtual size: 1KB

.ihBjmu
Size: 1KB - Virtual size: 65KB

.rdata
Size: 3KB - Virtual size: 51KB

.MMkTw
Size: 1KB - Virtual size: 266KB

.YqUuA
Size: 2KB - Virtual size: 516KB

.yIoX
Size: 6KB - Virtual size: 91KB

.zcP
Size: 1KB - Virtual size: 32KB

.AV
Size: 1KB - Virtual size: 118KB

.data
Size: 7KB - Virtual size: 243KB

.SwSqn
Size: 7KB - Virtual size: 66KB

.zax
Size: 3KB - Virtual size: 605KB

.Z
Size: 4KB - Virtual size: 727KB

.rsrc
Size: 2KB - Virtual size: 1KB