420756cd2efedf29c0c114fdf0e60471_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

420756cd2efedf29c0c114fdf0e60471_JaffaCakes118
Size

249KB
MD5

420756cd2efedf29c0c114fdf0e60471
SHA1

189bcf9deb98f055af96ff6c3bcd936a498dcafa
SHA256

d3ac155f3caa4306990ee3f5e142e0b9cabc9e344bff95fadf18fdc3b6226eec
SHA512

ed66ecb44490b878225390ccb8caedcd01d8a6aec0f0598e6d9236e212eecb3f5cba900ce27566c2786d86940e0ebfccb28f776287a17d51d8a4efa0a1f8319a
SSDEEP

6144:aAxamWZ+qUi/UcA+iWI54HpXf8vGY4GITAAU4EW+uYpn8s:aAsZ1bJA+VUv9qU4V+uYpn8s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
420756cd2efedf29c0c114fdf0e60471_JaffaCakes118

Files

420756cd2efedf29c0c114fdf0e60471_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7706646680fb7b391327a32fed472c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
PathRemoveFileSpecA

advapi32

AdjustTokenPrivileges
DuplicateTokenEx
GetTokenInformation
GetUserNameA
ImpersonateLoggedOnUser
ImpersonateSelf
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RevertToSelf
SetSecurityDescriptorDacl
SetTokenInformation

kernel32

CloseHandle
CopyFileA
CreateEventA
CreateMutexA
CreateProcessA
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
FormatMessageA
FreeLibrary
GetACP
GetCommandLineA
GetCommandLineW
GetComputerNameA
GetCurrentDirectoryA
GetCurrentThreadId
GetDateFormatA
GetLocalTime
GetModuleHandleA
GetPrivateProfileStringA
GetProcessHeap
GetShortPathNameA
GetTempFileNameA
GetWindowsDirectoryA
HeapAlloc
HeapFree
LeaveCriticalSection
LoadLibraryExA
LocalFree
MoveFileExA
OpenProcess
ProcessIdToSessionId
ReleaseMutex
SetLastError
WaitForSingleObject
WideCharToMultiByte
WritePrivateProfileStringA
lstrcmpiA
lstrcpynA
lstrlenA
GetProcAddress

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

user32

CharPrevA
CharUpperA
ExitWindowsEx
FindWindowExA
FindWindowExW
GetSystemMetrics
MessageBoxA
PostMessageA
SendMessageA
SetForegroundWindow

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

SysAllocStringByteLen
SysFreeString

msoert2

PszAllocA

dfsshlex

DllCanUnloadNow
DllGetClassObject
DllUnregisterServer

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Gbr
Size: 512B - Virtual size: 661B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FRRug
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KKQNnQ
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.U
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lmpilS
Size: 121KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Hw
Size: 512B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PMhdOS
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fRi
Size: 90KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7706646680fb7b391327a32fed472c7

Headers

File Characteristics

Imports

shlwapi

advapi32

kernel32

version

user32

ole32

oleaut32

msoert2

dfsshlex

Sections

.text Size: 17KB - Virtual size: 17KB

.Gbr Size: 512B - Virtual size: 661B

.rdata Size: 3KB - Virtual size: 2KB

.FRRug Size: 2KB - Virtual size: 1KB

.KKQNnQ Size: 1KB - Virtual size: 1KB

.U Size: 1KB - Virtual size: 1KB

.lmpilS Size: 121KB - Virtual size: 171KB

.Hw Size: 512B - Virtual size: 688B

.PMhdOS Size: 2KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 23KB

.fRi Size: 90KB - Virtual size: 134KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.Gbr
Size: 512B - Virtual size: 661B

.rdata
Size: 3KB - Virtual size: 2KB

.FRRug
Size: 2KB - Virtual size: 1KB

.KKQNnQ
Size: 1KB - Virtual size: 1KB

.U
Size: 1KB - Virtual size: 1KB

.lmpilS
Size: 121KB - Virtual size: 171KB

.Hw
Size: 512B - Virtual size: 688B

.PMhdOS
Size: 2KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 23KB

.fRi
Size: 90KB - Virtual size: 134KB

.rsrc
Size: 2KB - Virtual size: 1KB