Sample
JaffaCakes118_650707800418b6cf533d5c5413d89380.exe
Resource
win7-20240903-en
General
Target
JaffaCakes118_650707800418b6cf533d5c5413d89380
Size
164KB
MD5
650707800418b6cf533d5c5413d89380
SHA1
308fd86caeea50796d144a44fb8f6b5ff4fecfbf
SHA256
cf969a744501e16e29c04bafa3a052c3caa7334a24add77bb1570c3de727965f
SHA512
4a3645fac2d46961abf641c1e77334740feffd7c386ac150589f3f35870ba9e3689624871f0804a73bb3dd1dc466946cce92966c03cf167a6881c968ab244830
SSDEEP
3072:SSfOD2Yuc7YaGuQP6h6SFMr6hhh7MJCsbEvfcp39k5W4Cb4SRRATPWkqpEal:TmqrDaGuQP6UzrCzAJVbE43cW4CbfRv4
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource JaffaCakes118_650707800418b6cf533d5c5413d89380
Files
JaffaCakes118_650707800418b6cf533d5c5413d89380.exe windows:4 windows x86 arch:x86
c47d924903463f54b0b9456139779c6d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapDestroy
GetCurrentProcessId
GetLocaleInfoA
VirtualFree
RaiseException
GetTimeFormatA
SetStdHandle
HeapFree
CompareStringA
WriteConsoleA
IsDebuggerPresent
FreeLibrary
GetConsoleOutputCP
CompareStringW
InitializeCriticalSection
EnterCriticalSection
LoadLibraryA
TerminateProcess
MultiByteToWideChar
SetUnhandledExceptionFilter
GetCurrentProcess
RtlUnwind
GetCPInfo
GetTickCount
QueryPerformanceCounter
GetOEMCP
LCMapStringW
HeapReAlloc
EnumResourceTypesA
CreateMailslotW
UnhandledExceptionFilter
GetACP
VirtualAlloc
SetFilePointer
WriteFile
LeaveCriticalSection
GetTimeZoneInformation
HeapCreate
GetDateFormatA
SetEnvironmentVariableA
GetStringTypeW
GetSystemTimeAsFileTime
ReadFile
HeapSize
IsValidCodePage
LCMapStringA
SetEndOfFile
GetStringTypeA
advapi32
EqualSid
LookupAccountSidW
RegDeleteKeyW
OpenProcessToken
DeleteService
RegCloseKey
QueryServiceConfigW
IsValidSecurityDescriptor
AddAce
RegRestoreKeyW
RegOpenKeyExW
GetNamedSecurityInfoW
GetInheritanceSourceW
InitializeAcl
UnlockServiceDatabase
LookupPrivilegeNameA
QueryServiceLockStatusW
RegSaveKeyW
LookupPrivilegeDisplayNameA
ControlService
AdjustTokenPrivileges
GetAclInformation
SetEntriesInAclW
StartServiceA
GetTokenInformation
QueryServiceStatus
AllocateAndInitializeSid
IsValidAcl
CloseServiceHandle
GetSecurityDescriptorControl
ChangeServiceConfig2W
LockServiceDatabase
ChangeServiceConfigW
FreeInheritedFromArray
RegSetValueExW
SetSecurityInfo
GetSecurityInfo
SetNamedSecurityInfoW
OpenSCManagerW
LookupPrivilegeValueA
SetSecurityDescriptorDacl
RegDeleteValueW
FreeSid
OpenServiceW
RegQueryValueExW
RegCreateKeyExW
GetAce
RegGetKeySecurity
RegEnumKeyExW
InitializeSecurityDescriptor
EnumDependentServicesW
CreateServiceW
SetEntriesInAclA
RegEnumValueW
oleacc
LresultFromObject
AccessibleObjectFromPoint
Sections
.text Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 402KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ