Static task
static1
Behavioral task
behavioral1
Sample
ee7cc67131cad7dff333e204fb68eb9f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee7cc67131cad7dff333e204fb68eb9f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: ee7cc67131cad7dff333e204fb68eb9f_JaffaCakes118
Size: 90KB
MD5: ee7cc67131cad7dff333e204fb68eb9f
SHA1: 97dd7399ea9097e727c22df9fe9c82f53318a513
SHA256: 629acf08344c05b51ee8c670075f3b891a636986221accde2a306512f59a7c1d
SHA512: db96ebf336216e13af2d864864fb51f2eeac0303049d09173aa2c074fb93366cd626623d2f92c1c8274f6f3b8c3086096e57a2455fdf72de303c8331096c8571
SSDEEP: 1536:uF+Sxbuho4r/xTd6Svitous/QXvsc89wEsWjcdj4v8hVXCAd:uF+QF4r/3itLacwoVX/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ee7cc67131cad7dff333e204fb68eb9f_JaffaCakes118
Files
ee7cc67131cad7dff333e204fb68eb9f_JaffaCakes118.exe windows:6 windows x86 arch:x86
471aa6d22ff9845e0822d6809458ed94
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileAttributesA
CreateDirectoryA
SetFileTime
SystemTimeToFileTime
ExpandEnvironmentStringsA
WriteFile
CreateFileA
lstrcpyA
LocalFree
LocalAlloc
GetCurrentProcess
GetCurrentThread
CloseHandle
GetStartupInfoW
MultiByteToWideChar
GetModuleFileNameA
WinExec
GetLastError
CreateMutexW
GetSystemInfo
LoadLibraryW
Sleep
GetTickCount
TerminateProcess
OutputDebugStringW
ReadFile
SetEndOfFile
CreateFileW
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
LoadLibraryExW
ReadConsoleW
GetCPInfo
GetCommandLineW
HeapAlloc
HeapFree
SetLastError
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetConsoleCP
GetConsoleMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
advapi32
CreateServiceA
OpenSCManagerA
CloseServiceHandle
OpenServiceA
OpenSCManagerW
FreeSid
RevertToSelf
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
OpenProcessToken
OpenThreadToken
ImpersonateSelf
CreateProcessWithLogonW
ChangeServiceConfig2A
shell32
ShellExecuteA
ShellExecuteExW
shlwapi
PathRemoveFileSpecA
ntdll
NtSetInformationThread
NtClose
RtlLengthSid
NtSetInformationToken
RtlAllocateAndInitializeSid
NtDuplicateToken
NtOpenProcessToken
NtTerminateProcess
RtlFreeSid
RtlSetLastWin32Error
RtlNtStatusToDosError
NtFilterToken
wininet
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
Sections
.text Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ