0c6093d5742843a9cd814ca29ef4a607_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0c6093d5742843a9cd814ca29ef4a607_JaffaCakes118
Size

816KB
MD5

0c6093d5742843a9cd814ca29ef4a607
SHA1

4ed96b41c204cb9b29d1b89341258641fd0abb35
SHA256

b023575034da8ddf6460e8c1b76eb267656b8a5f1dc004ca3882dccef4e2076a
SHA512

c342ae5476e53da384a9037ab3fba788ed25acd46455630f15bfb84cfeac728f4754e00a286fb3089c31e8c7ca8b48ec9670608401ef159a750522b656cb8769
SSDEEP

24576:bOw3rV0JQDe4WyRCMb24mI34186Rt0EpWiAcIXeQp5YIe:bX3ZDxWyRCMxID3X3AcIXeq5YI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c6093d5742843a9cd814ca29ef4a607_JaffaCakes118

Files

0c6093d5742843a9cd814ca29ef4a607_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f1688c75dcc1bb1b1c9b7535e944294

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

secur32

LsaFreeReturnBuffer
InitSecurityInterfaceW
DecryptMessage
FreeCredentialsHandle
LsaLogonUser
LsaLookupAuthenticationPackage
LsaConnectUntrusted
LsaUnregisterPolicyChangeNotification
QuerySecurityContextToken
FreeContextBuffer
LsaRegisterPolicyChangeNotification
ApplyControlToken
QuerySecurityPackageInfoW
InitializeSecurityContextW
GetUserNameExW

advapi32

GetSidSubAuthorityCount
AreAnyAccessesGranted
CryptGenKey
AddAccessAllowedObjectAce
IsTokenRestricted
CryptGetUserKey
RegSetValueExW
BuildExplicitAccessWithNameA
InitializeAcl
GetTokenInformation
LsaClose
InitializeSid
RegRestoreKeyW
ConvertStringSidToSidW
SystemFunction031
OpenThreadToken
RegCreateKeyExA
CryptHashSessionKey
EnumServicesStatusW
SetThreadToken
CryptGetHashParam
GetSecurityDescriptorGroup
CloseEncryptedFileRaw
QueryServiceLockStatusA
RegisterTraceGuidsW
CryptSetProvParam
LsaFreeMemory
RegQueryValueExW
GetLengthSid
ChangeServiceConfigW
RegisterServiceCtrlHandlerW
EnumServicesStatusExW
GetTraceLoggerHandle
QueryServiceConfig2W
CopySid

kernel32

VirtualAlloc
GetModuleHandleW
GetModuleHandleA
GetConsoleWindow
GetWriteWatch
GetCurrentThread
FindFirstVolumeW
Process32Next
GetCurrentProcessId
OpenThread
WaitForSingleObjectEx
SystemTimeToTzSpecificLocalTime
ReadConsoleOutputA
MulDiv
ConvertThreadToFiber
WriteConsoleW
GetCurrentThreadId
VirtualFree
EraseTape
ReleaseSemaphore
GetCurrentProcess

uxtheme

GetThemeColor
GetThemeSysFont
CloseThemeData
SetWindowTheme
IsThemePartDefined
GetThemeBool
GetThemeSysColor
GetThemeBackgroundExtent
GetThemeAppProperties
GetThemeSysString
IsThemeBackgroundPartiallyTransparent
IsThemeActive

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 96KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 84KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 124KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 96KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 124KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f1688c75dcc1bb1b1c9b7535e944294

Headers

DLL Characteristics

File Characteristics

Imports

secur32

advapi32

kernel32

uxtheme

Sections

.text Size: 96KB - Virtual size: 94KB

.itext Size: 96KB - Virtual size: 122KB

.data Size: 76KB - Virtual size: 137KB

.bss Size: 84KB - Virtual size: 113KB

.idata Size: 124KB - Virtual size: 156KB

.didata Size: 96KB - Virtual size: 148KB

.tls Size: 124KB - Virtual size: 165KB

.rdata Size: 112KB - Virtual size: 154KB

.reloc Size: 4KB - Virtual size: 748B

.text
Size: 96KB - Virtual size: 94KB

.itext
Size: 96KB - Virtual size: 122KB

.data
Size: 76KB - Virtual size: 137KB

.bss
Size: 84KB - Virtual size: 113KB

.idata
Size: 124KB - Virtual size: 156KB

.didata
Size: 96KB - Virtual size: 148KB

.tls
Size: 124KB - Virtual size: 165KB

.rdata
Size: 112KB - Virtual size: 154KB

.reloc
Size: 4KB - Virtual size: 748B