ef58b01bed7df86d1847ff15b72194e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef58b01bed7df86d1847ff15b72194e8_JaffaCakes118
Size

161KB
MD5

ef58b01bed7df86d1847ff15b72194e8
SHA1

4c8e67e5e5241dbc6e4befb328ad59204a594528
SHA256

20d255fbff8b0f37dee0e3eb7e49c6463947902dfa584b2eb152e820129a57be
SHA512

932988aaa205bb81a5441f385e4e8693b1c4526aadb80de83ec20380e35e7b5257c408fba83cb36de6ad59767ad9b5517cec2d4a1df1cbd48ea50074b44e2a0b
SSDEEP

3072:sQ1vi6GsuKIMCM7KFgulWiaaOmaRqeeTptVBU6DiZzey9V5Jkfik0:sQ1vi6P97Eguovm0S/DszRbw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef58b01bed7df86d1847ff15b72194e8_JaffaCakes118

Files

ef58b01bed7df86d1847ff15b72194e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70ed810cbb9d4ef38a19269f87b70db9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
ChangeServiceConfig2A
GetUserNameA
LockServiceDatabase
OpenSCManagerA
RegDeleteValueA
RegFlushKey
RegQueryValueExA
RegSetValueExA

kernel32

AddAtomA
CreateEventA
CreateMutexA
CreateProcessA
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
GetCurrentDirectoryA
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetEnvironmentVariableA
GetExitCodeProcess
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GlobalAlloc
GlobalLock
HeapAlloc
HeapDestroy
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
IsDebuggerPresent
IsValidLocale
LCMapStringA
LoadLibraryA
LoadResource
LocalAlloc
LockResource
MapViewOfFile
Module32Next
MoveFileA
MultiByteToWideChar
OpenProcess
RaiseException
ReadProcessMemory
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TlsGetValue
UnmapViewOfFile
VirtualAlloc
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcpyA
lstrlenA

user32

CharNextA
CharPrevA
CheckRadioButton
DispatchMessageA
DrawFocusRect
DrawTextA
EnableWindow
EnumChildWindows
EqualRect
FillRect
GetClientRect
GetDlgItemTextA
GetKeyState
GetWindowTextLengthA
IsIconic
IsRectEmpty
MessageBoxA
PostMessageA
RegisterClassExA
RegisterClipboardFormatA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowLongA
SetWindowPos
SetWindowRgn
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 110KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70ed810cbb9d4ef38a19269f87b70db9

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 25KB - Virtual size: 28KB

.INIT Size: 110KB - Virtual size: 236KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 25KB - Virtual size: 28KB

.INIT
Size: 110KB - Virtual size: 236KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 5KB - Virtual size: 4KB