15094688bbd3c02e24d8d5b20688d16a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

15094688bbd3c02e24d8d5b20688d16a_JaffaCakes118
Size

816KB
MD5

15094688bbd3c02e24d8d5b20688d16a
SHA1

a1dd147dca871d6788a2e5407dc3380a22428c57
SHA256

b900aaf42fd664d16d084bee1a3e5a23bc1e1193ace01bdd2cf675ada3f6e107
SHA512

8f17a328fd737c1398467c2d0a5e53446f3a76817bc9a7cabf392b8c2dba148f9fb33a42724229fe0d95e6a27b8b1154f55013a90c7c72bd2a3f6ebd9f9ac95c
SSDEEP

24576:5Ow3rV0JQDe4WyRCMb24mI34186Rt0EpWiAcIXeQp5YIe:5X3ZDxWyRCMxID3X3AcIXeq5YI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15094688bbd3c02e24d8d5b20688d16a_JaffaCakes118

Files

15094688bbd3c02e24d8d5b20688d16a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f1688c75dcc1bb1b1c9b7535e944294

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

secur32

LsaFreeReturnBuffer
InitSecurityInterfaceW
DecryptMessage
FreeCredentialsHandle
LsaLogonUser
LsaLookupAuthenticationPackage
LsaConnectUntrusted
LsaUnregisterPolicyChangeNotification
QuerySecurityContextToken
FreeContextBuffer
LsaRegisterPolicyChangeNotification
ApplyControlToken
QuerySecurityPackageInfoW
InitializeSecurityContextW
GetUserNameExW

advapi32

GetSidSubAuthorityCount
AreAnyAccessesGranted
CryptGenKey
AddAccessAllowedObjectAce
IsTokenRestricted
CryptGetUserKey
RegSetValueExW
BuildExplicitAccessWithNameA
InitializeAcl
GetTokenInformation
LsaClose
InitializeSid
RegRestoreKeyW
ConvertStringSidToSidW
SystemFunction031
OpenThreadToken
RegCreateKeyExA
CryptHashSessionKey
EnumServicesStatusW
SetThreadToken
CryptGetHashParam
GetSecurityDescriptorGroup
CloseEncryptedFileRaw
QueryServiceLockStatusA
RegisterTraceGuidsW
CryptSetProvParam
LsaFreeMemory
RegQueryValueExW
GetLengthSid
ChangeServiceConfigW
RegisterServiceCtrlHandlerW
EnumServicesStatusExW
GetTraceLoggerHandle
QueryServiceConfig2W
CopySid

kernel32

VirtualAlloc
GetModuleHandleW
GetModuleHandleA
GetConsoleWindow
GetWriteWatch
GetCurrentThread
FindFirstVolumeW
Process32Next
GetCurrentProcessId
OpenThread
WaitForSingleObjectEx
SystemTimeToTzSpecificLocalTime
ReadConsoleOutputA
MulDiv
ConvertThreadToFiber
WriteConsoleW
GetCurrentThreadId
VirtualFree
EraseTape
ReleaseSemaphore
GetCurrentProcess

uxtheme

GetThemeColor
GetThemeSysFont
CloseThemeData
SetWindowTheme
IsThemePartDefined
GetThemeBool
GetThemeSysColor
GetThemeBackgroundExtent
GetThemeAppProperties
GetThemeSysString
IsThemeBackgroundPartiallyTransparent
IsThemeActive

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 96KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 84KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 124KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 96KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 124KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f1688c75dcc1bb1b1c9b7535e944294

Headers

DLL Characteristics

File Characteristics

Imports

secur32

advapi32

kernel32

uxtheme

Sections

.text Size: 96KB - Virtual size: 94KB

.itext Size: 96KB - Virtual size: 122KB

.data Size: 76KB - Virtual size: 137KB

.bss Size: 84KB - Virtual size: 113KB

.idata Size: 124KB - Virtual size: 156KB

.didata Size: 96KB - Virtual size: 148KB

.tls Size: 124KB - Virtual size: 165KB

.rdata Size: 112KB - Virtual size: 154KB

.reloc Size: 4KB - Virtual size: 748B

.text
Size: 96KB - Virtual size: 94KB

.itext
Size: 96KB - Virtual size: 122KB

.data
Size: 76KB - Virtual size: 137KB

.bss
Size: 84KB - Virtual size: 113KB

.idata
Size: 124KB - Virtual size: 156KB

.didata
Size: 96KB - Virtual size: 148KB

.tls
Size: 124KB - Virtual size: 165KB

.rdata
Size: 112KB - Virtual size: 154KB

.reloc
Size: 4KB - Virtual size: 748B