Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_77f507f18e64b9ffe1ae0aee298d0da0.exe
Resource
win7-20241010-en
General
Target: JaffaCakes118_77f507f18e64b9ffe1ae0aee298d0da0
Size: 175KB
MD5: 77f507f18e64b9ffe1ae0aee298d0da0
SHA1: dffa6a73b70db4339ad1277b285d407b94c5cf58
SHA256: 67880949a839dbe013c3835d2ae13346c6e04cf7c905a4b369b5a22ad724c5ab
SHA512: 9bb7e8182f965bb743daa6bafd2f57a52f12c71f2d4956ca3d99eafe3cd9a71eab79322ac4cfc51e73c42e1030c110ce72aa287045622026a7cf02d45733d31a
SSDEEP: 3072:dud6rklJ9W8wwstPRhJ5mM38xVicj3EvRvrLp8VyFIzLiJ:dudLVW/pRGoKEJ/p8V2Iq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_77f507f18e64b9ffe1ae0aee298d0da0
Files
JaffaCakes118_77f507f18e64b9ffe1ae0aee298d0da0.exe windows:4 windows x86 arch:x86
1e12ab7a5f68a781a64e66649afc1ef2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEndOfFile
HeapSize
WriteConsoleA
LeaveCriticalSection
RtlUnwind
GetACP
ReadFile
GetTimeZoneInformation
HeapFree
SetEnvironmentVariableA
WriteFile
LCMapStringW
GetOEMCP
GetTimeFormatA
GetCurrentProcess
RaiseException
GetLocaleInfoA
InitializeCriticalSection
UnhandledExceptionFilter
MultiByteToWideChar
LoadLibraryA
GetConsoleOutputCP
QueryPerformanceCounter
GetDateFormatA
EnumResourceTypesA
SetStdHandle
IsDebuggerPresent
GetCurrentProcessId
EnterCriticalSection
HeapReAlloc
HeapCreate
GetStringTypeW
VirtualAlloc
CreateMailslotW
SetFilePointer
CompareStringA
LCMapStringA
GetTickCount
CompareStringW
IsValidCodePage
SetUnhandledExceptionFilter
HeapDestroy
VirtualFree
FreeLibrary
GetCPInfo
TerminateProcess
GetSystemTimeAsFileTime
GetStringTypeA
iphlpapi
GetIpAddrTable
advapi32
SetSecurityInfo
CloseServiceHandle
InitializeSecurityDescriptor
GetInheritanceSourceW
LookupPrivilegeDisplayNameA
UnlockServiceDatabase
AdjustTokenPrivileges
InitializeAcl
GetTokenInformation
EqualSid
LookupPrivilegeValueA
RegCreateKeyExW
OpenSCManagerW
GetSecurityInfo
AddAce
RegDeleteKeyW
AllocateAndInitializeSid
RegQueryValueExW
LookupPrivilegeNameA
SetEntriesInAclA
DeleteService
FreeInheritedFromArray
RegDeleteValueW
SetEntriesInAclW
OpenServiceW
GetAclInformation
IsValidAcl
ChangeServiceConfigW
GetAce
IsValidSecurityDescriptor
QueryServiceConfigW
SetSecurityDescriptorDacl
FreeSid
GetNamedSecurityInfoW
RegGetKeySecurity
GetSecurityDescriptorControl
LookupAccountSidW
SetNamedSecurityInfoW
QueryServiceStatus
CreateServiceW
EnumDependentServicesW
RegSetValueExW
RegCloseKey
QueryServiceLockStatusW
RegEnumKeyExW
RegSaveKeyW
ControlService
RegOpenKeyExW
RegRestoreKeyW
LockServiceDatabase
OpenProcessToken
ChangeServiceConfig2W
StartServiceA
RegEnumValueW
oleacc
LresultFromObject
AccessibleObjectFromPoint
Sections
.text Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ