07ca25571c4383e896beb4c2f0961f35_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

07ca25571c4383e896beb4c2f0961f35_JaffaCakes118
Size

91KB
MD5

07ca25571c4383e896beb4c2f0961f35
SHA1

913e95af2708678aae866dd3ab95f64d744b3546
SHA256

76588e07d22c8d8e8468e5a71c29fca7e3b495c06a0740d04569a6d0fb08560b
SHA512

26afb037ae056bd8cbce7fca0e2e2199efc70712d0d3d222d8e101e64f9cb9955b35453f586f96dca94457000196316e347e4887918998a6efe6135fa4f2e96d
SSDEEP

1536:XWF6hd/7bP01ktYTtFZqmtq3u+MjhyZI9nCZK1BbfnovYlIAbaKMK:m4hbuktYZFltz82IK1hfov2IAbaKMK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07ca25571c4383e896beb4c2f0961f35_JaffaCakes118

Files

07ca25571c4383e896beb4c2f0961f35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5bc778d1a4189006798d327790d241f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

DeleteService
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenSCManagerA
CreateServiceA
SetSecurityDescriptorDacl
StartServiceA
AdjustTokenPrivileges
ControlService
OpenServiceA

ole32

OleUninitialize
ProgIDFromCLSID
ReadClassStg
RegisterDragDrop
StgCreateDocfileOnILockBytes
OleLockRunning
OleIsCurrentClipboard
CreateDataAdviseHolder
CoUninitialize
CoTaskMemAlloc
CoRegisterClassObject
CLSIDFromString
CoInitialize
CoDisconnectObject
CreateOleAdviseHolder

user32

ToAscii
ShowOwnedPopups
LoadBitmapA
IsCharUpperA
DrawMenuBar
DrawIcon
DefDlgProcA
CreateMDIWindowA
CreateDialogParamA
CreateDialogIndirectParamA
CreateCursor
CharToOemBuffA
DestroyIcon

shell32

SHBindToParent
SHFileOperationA

shlwapi

PathCompactPathExA
PathFileExistsA
PathFindExtensionA
PathIsDirectoryA
PathIsRootA
PathMatchSpecA
PathUnquoteSpacesA
SHAutoComplete
StrChrA
StrStrIA
PathCanonicalizeA
PathAppendA

msvcrt

time
sprintf
free
_errno
fflush
vsprintf

kernel32

TlsSetValue
RtlUnwind
InterlockedIncrement
HeapAlloc
GetVersion
GetModuleHandleA
EnumResourceLanguagesA
VirtualFree

Exports

Exports

Ccg
Cra
Hqv
Hyn
Ibl
Kdw
Lgz

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bc778d1a4189006798d327790d241f2

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 28KB

.rdata Size: 32KB - Virtual size: 36KB

.data Size: 21KB - Virtual size: 24KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 26KB - Virtual size: 28KB

.rdata
Size: 32KB - Virtual size: 36KB

.data
Size: 21KB - Virtual size: 24KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB