0d02ebacf8e282c1e27671f76089261d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d02ebacf8e282c1e27671f76089261d_JaffaCakes118
Size

110KB
MD5

0d02ebacf8e282c1e27671f76089261d
SHA1

a37958fbb8e137f4b90335e8c3bd9ee660eb15dc
SHA256

6ca8fb276845d141e29d84c2638c2c79004b741053fbf03185c9a827eb41af8f
SHA512

faf8f87f8d83ab0cc7c5ef50ffbc54f17ee37ddddbcdc44586fcec3cad1a74ac85d3730cc3327755487d024539b0416d70539831fa00a52a61b952eb572ef4f4
SSDEEP

1536:Z1pExOmAV2ztKgJ275MbeIh7fpAK9cmze5GXONKMMiU1aoauY:egV2vUFJmRcmze58ONKMMiU1m9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d02ebacf8e282c1e27671f76089261d_JaffaCakes118

Files

0d02ebacf8e282c1e27671f76089261d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4aa43cc47c35ab26f3c27990e10a3b1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopyInd
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA
ControlService
CreateServiceA
OpenSCManagerA
DeleteService
InitializeSecurityDescriptor
AdjustTokenPrivileges
LookupPrivilegeValueA

ole32

StringFromGUID2
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
OleFlushClipboard
GetRunningObjectTable
GetConvertStg
CreateFileMoniker
CLSIDFromString
CreateDataAdviseHolder
CoTaskMemRealloc
CoTaskMemAlloc
CoLockObjectExternal
CoGetMalloc
CoFileTimeNow
CoCreateGuid
OleSetClipboard

user32

ShowCaret
MessageBeep
LoadIconA
IsCharUpperA
GetWindowTextA
EnableScrollBar
EnableMenuItem
DrawStateA
BeginPaint
ActivateKeyboardLayout
wsprintfA

shell32

SHGetMalloc
SHFileOperationA
SHGetFileInfoA
SHBindToParent

shlwapi

PathIsRootA
PathIsRelativeA
PathIsDirectoryA
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
PathAppendA
StrStrIA
SHAutoComplete
PathUnquoteSpacesA
PathQuoteSpacesA
PathMatchSpecA

msvcrt

vsprintf
strstr
sprintf
rand
malloc
__set_app_type
getenv
strchr
free
fflush
_except_handler3
_errno
memchr

kernel32

OpenFileMappingA
SleepEx
lstrcmpA
LeaveCriticalSection
InterlockedIncrement
HeapAlloc
GetTimeFormatA
GetStartupInfoA
FreeResource
ExitThread
MapViewOfFile

Exports

Exports

Crl
Eob
Gpi
Igo
Jpv
Osb
Rrj
Vdc
Zlj

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4aa43cc47c35ab26f3c27990e10a3b1d

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 32KB

.rdata Size: 29KB - Virtual size: 32KB

.data Size: 21KB - Virtual size: 24KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 31KB - Virtual size: 32KB

.rdata
Size: 29KB - Virtual size: 32KB

.data
Size: 21KB - Virtual size: 24KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 28KB