Static task
static1
Behavioral task
behavioral1
Sample
edeb2415dd04da94616485e09ac5d23f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
edeb2415dd04da94616485e09ac5d23f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
edeb2415dd04da94616485e09ac5d23f_JaffaCakes118
Size
264KB
MD5
edeb2415dd04da94616485e09ac5d23f
SHA1
02e2dcc104c8f5ad824a499d9b489e0d14009485
SHA256
9db356a98dbafc844cdf45c49636b902ea286648404026abde26e8ab414feee9
SHA512
e535382c036762195a0595705e02117bc97f9537e13e0615e0e56cbe9c546f8308850080170b1977032ef8cebff920bcd572c8a102d91d090a5231f296819e7a
SSDEEP
6144:ZzDKvq6LoXBsBpRu6MulUjoZhizAWUfFzgn7lCU8Y1kDsjn1Abju:Zyvq6qBmsrpoZwMXBSCUn0sj1A
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource edeb2415dd04da94616485e09ac5d23f_JaffaCakes118
Files
edeb2415dd04da94616485e09ac5d23f_JaffaCakes118.exe windows:4 windows x86 arch:x86
74bc64f7322d0adbdfb087c90e7d12e7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
VirtualAlloc
IsValidCodePage
ReadFile
HeapDestroy
EnterCriticalSection
HeapFree
CompareStringA
GetTickCount
SetFilePointer
WriteConsoleA
GetDateFormatA
LoadLibraryA
GetCurrentProcessId
WriteFile
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
LCMapStringA
TerminateProcess
EnumResourceTypesA
RaiseException
CompareStringW
InitializeCriticalSection
HeapReAlloc
SetStdHandle
GetLocaleInfoA
GetACP
SetEndOfFile
GetConsoleOutputCP
QueryPerformanceCounter
GetTimeZoneInformation
HeapCreate
GetSystemTimeAsFileTime
CompareFileTime
MultiByteToWideChar
IsDebuggerPresent
GetOEMCP
HeapSize
SetEnvironmentVariableA
GetTimeFormatA
VirtualFree
GetCurrentProcess
LeaveCriticalSection
LCMapStringW
GetStringTypeW
GetStringTypeA
iphlpapi
GetIpAddrTable
advapi32
RegGetKeySecurity
RegSaveKeyW
RegOpenKeyExW
LookupPrivilegeDisplayNameA
ChangeServiceConfig2W
GetAclInformation
RegCloseKey
DeleteService
EnumDependentServicesW
FreeSid
RegDeleteValueW
OpenServiceW
StartServiceA
CloseServiceHandle
AdjustTokenPrivileges
SetNamedSecurityInfoW
RegRestoreKeyW
QueryServiceLockStatusW
CreateServiceW
InitializeSecurityDescriptor
OpenSCManagerW
RegDeleteKeyW
IsValidSecurityDescriptor
QueryServiceConfigW
EqualSid
RegSetValueExW
SetSecurityDescriptorDacl
LookupPrivilegeValueA
GetNamedSecurityInfoW
LookupAccountSidW
OpenProcessToken
IsValidAcl
LockServiceDatabase
GetAce
AddAce
SetSecurityInfo
GetInheritanceSourceW
QueryServiceStatus
ChangeServiceConfigW
GetTokenInformation
RegCreateKeyExW
LookupPrivilegeNameA
AllocateAndInitializeSid
SetEntriesInAclW
InitializeAcl
RegQueryValueExW
GetSecurityDescriptorControl
GetSecurityInfo
SetEntriesInAclA
RegEnumKeyExW
ControlService
FreeInheritedFromArray
UnlockServiceDatabase
RegEnumValueW
oleacc
LresultFromObject
AccessibleObjectFromPoint
Sections
.text Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 202KB - Virtual size: 202KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ