0d97b45efff31709aad1e9e050d21ad0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d97b45efff31709aad1e9e050d21ad0_JaffaCakes118
Size

59KB
MD5

0d97b45efff31709aad1e9e050d21ad0
SHA1

89d75b403d85e139506367b909b6513a6182a29e
SHA256

662109b85f6b623ba6426b41b0822b52d0e97909a94ad65b8d0ad8a5bca989e3
SHA512

4543435bdbac78fd0fa3b7fea16e3dea46e7448b9d4b5bdf4cc35ea01299dd21396ad5f2963dcae42a774a46e6b15d21bb80ad4fdd700eac8d84bd2291c98516
SSDEEP

1536:/T93DyR7niv08hjFfX9f1CNx6DThIa/D3U0MIDD:LlW0vLr9f1oUhr/D3U0MIDD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d97b45efff31709aad1e9e050d21ad0_JaffaCakes118

Files

0d97b45efff31709aad1e9e050d21ad0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94b67a1414e4d9f4ac02433c43d22ce6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetAclInformation
PrivilegeCheck
CryptHashSessionKey
RegConnectRegistryA
GetTrusteeTypeA
RegOpenKeyA
SetEntriesInAuditListA
CryptGenKey
CryptContextAddRef
ObjectDeleteAuditAlarmA
GetSecurityDescriptorControl
CryptGetKeyParam
IsTextUnicode
CryptEncrypt
DeregisterEventSource
GetServiceDisplayNameA
RegQueryValueA
RegDeleteValueA
BackupEventLogA
ChangeServiceConfigA
GetSecurityDescriptorOwner
CryptSignHashA
AccessCheck
RevertToSelf
GetSidSubAuthority
InitializeAcl
AddAce
CopySid
QueryServiceObjectSecurity
AllocateAndInitializeSid
ControlService
CryptSetKeyParam
RegUnLoadKeyA
GetMultipleTrusteeA
FindFirstFreeAce
CryptDestroyHash
GetNumberOfEventLogRecords
RegSaveKeyA

user32

EnableScrollBar
GetProcessDefaultLayout
ShowWindowAsync
DrawTextExA
DdeNameService
GetMenuItemCount
EnumClipboardFormats
OpenDesktopA
EnumPropsExA
PostQuitMessage
FindWindowExA
SetDebugErrorLevel
LoadMenuIndirectA
ChildWindowFromPointEx
IMPGetIMEA
CharToOemBuffA
RegisterWindowMessageA
IsWindowUnicode
GetKeyboardLayoutList
SwitchToThisWindow
DrawCaption
MapVirtualKeyExA
GetShellWindow
RemovePropA
ScrollDC
SetWindowContextHelpId
GetWindowWord
GetWindowInfo
GetAsyncKeyState
ToUnicodeEx
VkKeyScanA
GetClipboardFormatNameA
GetClassInfoA
RedrawWindow
IsDialogMessage
SetWindowRgn
DrawFrame
LoadAcceleratorsA
CopyIcon
IsMenu
GetKBCodePage
WinHelpA
wvsprintfA
ArrangeIconicWindows
InSendMessage
SetScrollInfo
GetMessagePos
CascadeWindows
TranslateAccelerator
GetLastActivePopup
UnpackDDElParam
SetCaretBlinkTime

shlwapi

PathIsRelativeA

Sections

.xed
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hub
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ktqfk
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wxmb
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94b67a1414e4d9f4ac02433c43d22ce6

Headers

File Characteristics

Imports

advapi32

user32

shlwapi

Sections

.xed Size: 22KB - Virtual size: 45KB

.hub Size: 5KB - Virtual size: 10KB

.ktqfk Size: 1024B - Virtual size: 1KB

.wxmb Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.xed
Size: 22KB - Virtual size: 45KB

.hub
Size: 5KB - Virtual size: 10KB

.ktqfk
Size: 1024B - Virtual size: 1KB

.wxmb
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB