71e73ca41362f7b74267ed9d20125b0f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

71e73ca41362f7b74267ed9d20125b0f_JaffaCakes118
Size

176KB
MD5

71e73ca41362f7b74267ed9d20125b0f
SHA1

13ebd1ff0e3da6f8d60a9267625d1bd8c5ed838c
SHA256

ecb922926c3ab4841e31dff625c065770acede1a32811303a5c640022b6fd6cb
SHA512

5158477b18066fedb4bf1286df8ac87fe6a83a0781da6760267e123343efb746ac9cf75d1d195a3d40ec17403361b640ad4f285e632954489dcf077bf80eeda1
SSDEEP

3072:uBGMfcYTRm1BmGXi+0+sl5tvedACjroMw9zXSa+YU3Ud469LlO93S8dR7I:IGMfXO5vsl5tved9rnw9zXH+YNzQlm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71e73ca41362f7b74267ed9d20125b0f_JaffaCakes118

Files

71e73ca41362f7b74267ed9d20125b0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a9a9a4247e6808c144864b8cbe56225

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenSCManagerA
AddAce
RegisterServiceCtrlHandlerA
RegSetValueA
RegSetValueExA
GetAce
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
MakeAbsoluteSD
OpenProcessToken
LsaFreeMemory
InitializeSid
StartServiceCtrlDispatcherW
OpenThreadToken
GetSidSubAuthorityCount
RegCreateKeyExW
RegSetValueExW
AllocateAndInitializeSid
RegCreateKeyW
RegQueryValueW
CreateProcessAsUserW
CopySid
QueryServiceStatus
RegQueryValueA
RegCreateKeyA
SetFileSecurityW
LookupPrivilegeValueW
ReportEventA
RegCreateKeyExA
RegEnumKeyExA
RegCloseKey
LsaQueryInformationPolicy
OpenSCManagerW
RegDeleteKeyA
InitiateSystemShutdownA
RegUnLoadKeyW
ChangeServiceConfigW
RegOpenKeyExA
QueryServiceConfigW
RegOpenKeyExW
StartServiceA
GetSidIdentifierAuthority
LookupAccountNameW
DeleteService
RegConnectRegistryA
SetSecurityDescriptorSacl
SetSecurityDescriptorOwner
RegEnumKeyW

user32

FindWindowExA
CreateMenu
EnableWindow
GetScrollInfo
OffsetRect
ShowScrollBar
DdeConnect
CharUpperBuffW
CharLowerW
DispatchMessageA
PostQuitMessage
GetScrollPos
CharNextW
CheckRadioButton
MapVirtualKeyExW
GetWindow
FillRect
DrawIconEx
CloseClipboard
RegisterClipboardFormatW
SetMenuDefaultItem
BringWindowToTop
FindWindowA
DrawTextW
CreateDialogParamA
CopyImage
GetWindowTextA
SetPropA
GetMessagePos
GetDC
IsWindow
InvalidateRect
BeginDeferWindowPos
RemovePropA
LoadStringW
GetCursorPos
ShowOwnedPopups
UnpackDDElParam
EnumDisplaySettingsW
LoadBitmapA
KillTimer
CharPrevA
IsChild
PostMessageA
IsWindowEnabled
SetWindowPlacement
SetCapture
GetScrollRange
GetMenuItemID
LoadCursorA
SetFocus
IsDlgButtonChecked
GetMenuItemCount
SetScrollPos
ChangeClipboardChain
GetClassInfoExW
DrawStateA
DrawTextA
DrawIcon
DestroyMenu
IsCharAlphaW
ScreenToClient
GetClipboardData
SetTimer
IntersectRect
IsZoomed
GetKeyboardState
ScrollWindow
GetSysColorBrush
GetDlgItemTextW
CreateDialogIndirectParamA
SetDlgItemInt
DrawStateW
RegisterHotKey
TrackPopupMenuEx
ShowCursor
SetCursor
IsWindowVisible
GetKeyState
RegisterClassExW
SendInput
AdjustWindowRect
SetWindowTextA
SetClassLongW
DeferWindowPos
GetClassInfoW
GetMessageA
UnionRect
CopyIcon
GetKeyboardLayoutList
ChildWindowFromPointEx

kernel32

CreatePipe
WaitNamedPipeW
FindResourceExW
DeleteAtom
FreeConsole

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a9a9a4247e6808c144864b8cbe56225

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 20KB - Virtual size: 134KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 20KB - Virtual size: 134KB

.rsrc
Size: 40KB - Virtual size: 38KB