JaffaCakes118_0aca306658f220ca4e1162c4e17b525f

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0aca306658f220ca4e1162c4e17b525f
Size

281KB
MD5

0aca306658f220ca4e1162c4e17b525f
SHA1

ab06b8972ec52b5c158bf848840d068c6cee5bcc
SHA256

4fac063d06418c82570e9362cfbc911bfdf0beca708f3ba0e93cdb9f8a5a5b52
SHA512

b5c5d3d2daaa743d5bf9b4d92864d3fd8c911251ec1555add52e268702a25e20f8b41f9678dfb66ff5be7a95872f289a543f48efe6bf2dd183ae294ce19b7e4c
SSDEEP

6144:lDOPvkeTkeieZXbMnb0F648hXVu7ryf1s4eb+4fMm/B4A:lNlHelwb0F648NVz/4fMmOA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0aca306658f220ca4e1162c4e17b525f

Files

JaffaCakes118_0aca306658f220ca4e1162c4e17b525f
.exe windows:5 windows x86 arch:x86

841a2bef1748d676d34bf1c208f32ad1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2

rpcrt4

UuidCreate

advapi32

SetSecurityDescriptorDacl
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
InitializeSecurityDescriptor

ws2_32

WSCInstallProvider
WSACleanup
WSCGetProviderPath
WSCWriteProviderOrder
WSAStartup
WSCDeinstallProvider
WSCEnumProtocols

kernel32

WideCharToMultiByte
GetSystemTimeAsFileTime
UnhandledExceptionFilter
HeapReAlloc
ReadFile
EnumSystemLocalesA
GetSystemDirectoryA
HeapDestroy
CloseHandle
HeapFree
GetModuleHandleA
SystemTimeToTzSpecificLocalTime
GetOEMCP
SetEndOfFile
GetConsoleOutputCP
VirtualAlloc
WriteFile
SetUnhandledExceptionFilter
GetCommandLineA
SetStdHandle
TlsGetValue
CreateFileA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetStdHandle
SetLastError
GetModuleHandleW
VirtualFree
SetHandleCount
GetConsoleCP
IsValidCodePage
WriteConsoleW
GetFileType
SetFilePointer
FreeEnvironmentStringsW
GetTimeFormatA
EnterCriticalSection
WriteConsoleA
HeapAlloc
TlsSetValue
GetUserDefaultLCID
LeaveCriticalSection
RtlUnwind
LCMapStringA
RaiseException
GetTempPathA
GetSystemTime
ExpandEnvironmentStringsA
GetACP
TlsFree
FreeEnvironmentStringsA
HeapSize
GetConsoleMode
SystemTimeToFileTime
FreeLibrary
IsDebuggerPresent
LCMapStringW
IsValidLocale
GetProcessHeap
TlsAlloc
FileTimeToSystemTime
GetCurrentThreadId
DeleteCriticalSection
VirtualAllocEx

esent

JetCreateIndex
JetGetLS
JetSetColumnDefaultValue
JetDelete
JetInit2
JetDupCursor
JetCreateDatabase2
JetGetDatabaseFileInfo
JetOSSnapshotFreeze
JetCloseFileInstance
JetGetTableColumnInfo
JetBackupInstance
JetTerm
JetGetInstanceInfo
JetCloseDatabase
JetPrepareToCommitTransaction
JetUpgradeDatabase
JetOSSnapshotThaw
JetGetSecondaryIndexBookmark
JetRestore

compstui

GetCPSUIUserData
CommonPropertySheetUIW
SetCPSUIUserData

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 249KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

841a2bef1748d676d34bf1c208f32ad1

Headers

File Characteristics

Imports

ole32

rpcrt4

advapi32

ws2_32

kernel32

esent

compstui

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 249KB - Virtual size: 936KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 249KB - Virtual size: 936KB

.rsrc
Size: 5KB - Virtual size: 5KB