faff9ade9ef7f0d866ca6a1a0e143294_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

faff9ade9ef7f0d866ca6a1a0e143294_JaffaCakes118
Size

259KB
MD5

faff9ade9ef7f0d866ca6a1a0e143294
SHA1

491ec5384fb6fbdedcfc55a32bd91746304216e9
SHA256

0a5fdb177d6b45eb739a883ce4d1af930918b726c03075cbcf5e066991e3a89d
SHA512

2335112eaedee9896a41f5793e3bd77ef3997b3fa38d02de0d6aceba00748e173cbba3f9281341e77c44c943edcd8da8b8ff6c4d0c06f20dc6587874f1556d7c
SSDEEP

6144:rWJH4cfJs1tCBThOoXUMhfexPicgwxRN6k:CJH4yJsSBdO6UL4cgwxRNZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faff9ade9ef7f0d866ca6a1a0e143294_JaffaCakes118

Files

faff9ade9ef7f0d866ca6a1a0e143294_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0f0f3149a2696b3978c7329db48d3dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetCurrentThread
GetCurrentProcess
GetCurrentThreadId
DuplicateHandle
InitializeCriticalSection
CreateMutexW
WaitForMultipleObjects
LocalAlloc
LocalFree
GetVersion
GetModuleHandleA
lstrcmpA
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
Sleep
GetFileAttributesW
lstrcpynA
LoadLibraryW
lstrlenA
FreeLibrary
GetLastError
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
MultiByteToWideChar
WaitForSingleObject
GetCurrentProcessId
CreateEventW
SetEvent
OpenMutexW
GetProcessHeap
GetProcAddress

user32

PeekMessageW

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken

shell32

SHGetDesktopFolder

scecli

SceStartTransaction
SceOpenPolicy
SceSetupUpdateSecurityKey
SceDcPromoteSecurityEx
SceCreateDirectory
SceSvcUpdateInfo
SceUpdateSecurityProfile
SceGetSecurityProfileInfo
SceLookupPrivRightName
SceGetServerProductType
DllRegisterServer

vbscript

DllUnregisterServer

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OynOZ
Size: 2KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EHyjSc
Size: 3KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 100KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.h
Size: 2KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 114KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kD
Size: 5KB - Virtual size: 635KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oLd
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0f0f3149a2696b3978c7329db48d3dd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

scecli

vbscript

Sections

.text Size: 2KB - Virtual size: 1KB

.OynOZ Size: 2KB - Virtual size: 321KB

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 20KB

.EHyjSc Size: 3KB - Virtual size: 426KB

.edata Size: 100KB - Virtual size: 192KB

.data Size: 7KB - Virtual size: 57KB

.h Size: 2KB - Virtual size: 376KB

.edata Size: 114KB - Virtual size: 170KB

.kD Size: 5KB - Virtual size: 635KB

.oLd Size: 1024B - Virtual size: 107KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.OynOZ
Size: 2KB - Virtual size: 321KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 20KB

.EHyjSc
Size: 3KB - Virtual size: 426KB

.edata
Size: 100KB - Virtual size: 192KB

.data
Size: 7KB - Virtual size: 57KB

.h
Size: 2KB - Virtual size: 376KB

.edata
Size: 114KB - Virtual size: 170KB

.kD
Size: 5KB - Virtual size: 635KB

.oLd
Size: 1024B - Virtual size: 107KB

.rsrc
Size: 3KB - Virtual size: 2KB