Static task: static1
Behavioral task: behavioral1
  Sample: e2574039d607b8c28b5359d7e9b368bb_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: e2574039d607b8c28b5359d7e9b368bb_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: e2574039d607b8c28b5359d7e9b368bb_JaffaCakes118
Size: 858KB
MD5: e2574039d607b8c28b5359d7e9b368bb
SHA1: 71a74eceee632d52d2d945066c295b6a2232198e
SHA256: 2aa999b907963589620eff805fbdd15a5c5d30b8c8ab3d36fc8913ebf81d1007
SHA512: f45a5e9c36a8b72b7304d14b7d8a430430b93d7ce26a3a7fe416ba7b118e3ffcff804c37ef00bf7eca07d660eda23243ace5914f352f8db0409c557d1a314ca4
SSDEEP: 12288:jRkhb4tohky+gNJMq5KjfOv6a91IgkVbVxOrYdrm4BQVJ0tdp1/26wDx72dF1RBh:jRkutWNyqYm9NEb+sZCOdTpw1YF1fGu
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: e2574039d607b8c28b5359d7e9b368bb_JaffaCakes118
Files
e2574039d607b8c28b5359d7e9b368bb_JaffaCakes118.exe  windows:4  windows  x86  arch:x86
8bb4e8bb7b40ac31c09cc5d3c1961b2a
Headers
File Characteristics:
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetSysColorsTemp
PaintDesktop
FindWindowExA
LoadMenuA
GetKeyboardLayout
SendInput
GetLastActivePopup
SetDebugErrorLevel
GetSysColorBrush
DrawStateA
MessageBeep
SetRect
GrayStringA
PackDDElParam
UnloadKeyboardLayout
OffsetRect
GetWindowLongA
CharToOemA
EnumWindows
GetDoubleClickTime
RegisterClassExA
LockWindowStation
SetScrollPos
DrawTextA
GetWindowTextA
CloseWindowStation
GetNextDlgGroupItem
FrameRect
GetMessageTime
DefMDIChildProcA
PeekMessageA
MessageBoxA
SetWindowContextHelpId
KillTimer
SwitchToThisWindow
SetCaretPos
UnpackDDElParam
DrawTextExA
ReleaseDC
CreateWindowExA
DrawEdge
GetCursor
EmptyClipboard
CreateDialogIndirectParamA
SetTimer
ToUnicodeEx
DrawCaption
advapi32
ControlService
AddAccessAllowedAce
CryptSetProvParam
ConvertSecurityDescriptorToAccessNamedA
QueryServiceLockStatusA
GetServiceKeyNameA
RegSaveKeyA
AddAuditAccessAce
RegSetKeySecurity
CryptVerifySignatureA
RegOpenKeyA
CryptDeriveKey
CryptSetHashParam
CryptDuplicateKey
CloseEventLog
QueryServiceConfigA
CryptImportKey
OpenThreadToken
AreAllAccessesGranted
CryptDecrypt
QueryServiceStatus
CreatePrivateObjectSecurity
RegFlushKey
CryptHashData
InitiateSystemShutdownA
GetSecurityInfo
RegCreateKeyA
RegReplaceKeyA
GetAclInformation
SetServiceStatus
AllocateAndInitializeSid
ReportEventA
GetSidSubAuthority
BuildTrusteeWithSidA
AreAnyAccessesGranted
GetNumberOfEventLogRecords
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegEnumKeyA
NotifyChangeEventLog
CryptDestroyHash
GetExplicitEntriesFromAclA
CryptExportKey
kernel32
Heap32Next
Sections
Name      Size    Virtual size  Characteristics
.jgzuz    635KB   1.3MB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.enih     5KB     5KB           IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.ixkfod   19KB    27KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.dedgf    512B    20KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.wper     6KB     15KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.dyrez    512B    56B           IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.ohczgr   512B    24B           IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.unuxcf   48KB    76KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.mfcpwd   124KB   1.7MB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc     18KB    20KB          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ