JaffaCakes118_f99321444cec468034de0affe5083ed5

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_f99321444cec468034de0affe5083ed5
Size

259KB
MD5

f99321444cec468034de0affe5083ed5
SHA1

b019d6eb77d88b67fd5466ebdd11866b95ed64ec
SHA256

a1f51dc6526273d69da39e416a29a040c5f831e6910ec88608a0d252ddf7b30f
SHA512

12895f4e26610d20ab7d58dcb2f0ed11498a08f62d59cb778668aee309fbde0f58cba09cb972e91623cbe6c56b29a9b89930713141e7e75e02a4d941fbbb6121
SSDEEP

6144:PWJH4cfJs1tCBThOoXUMhfexPicgwxRN6k:+JH4yJsSBdO6UL4cgwxRNZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_f99321444cec468034de0affe5083ed5

Files

JaffaCakes118_f99321444cec468034de0affe5083ed5
.exe windows:4 windows x86 arch:x86

a0f0f3149a2696b3978c7329db48d3dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetCurrentThread
GetCurrentProcess
GetCurrentThreadId
DuplicateHandle
InitializeCriticalSection
CreateMutexW
WaitForMultipleObjects
LocalAlloc
LocalFree
GetVersion
GetModuleHandleA
lstrcmpA
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
Sleep
GetFileAttributesW
lstrcpynA
LoadLibraryW
lstrlenA
FreeLibrary
GetLastError
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
MultiByteToWideChar
WaitForSingleObject
GetCurrentProcessId
CreateEventW
SetEvent
OpenMutexW
GetProcessHeap
GetProcAddress

user32

PeekMessageW

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken

shell32

SHGetDesktopFolder

scecli

SceStartTransaction
SceOpenPolicy
SceSetupUpdateSecurityKey
SceDcPromoteSecurityEx
SceCreateDirectory
SceSvcUpdateInfo
SceUpdateSecurityProfile
SceGetSecurityProfileInfo
SceLookupPrivRightName
SceGetServerProductType
DllRegisterServer

vbscript

DllUnregisterServer

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OynOZ
Size: 2KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EHyjSc
Size: 3KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 100KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.h
Size: 2KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 114KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kD
Size: 5KB - Virtual size: 635KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oLd
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0f0f3149a2696b3978c7329db48d3dd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

scecli

vbscript

Sections

.text Size: 2KB - Virtual size: 1KB

.OynOZ Size: 2KB - Virtual size: 321KB

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 20KB

.EHyjSc Size: 3KB - Virtual size: 426KB

.edata Size: 100KB - Virtual size: 192KB

.data Size: 7KB - Virtual size: 57KB

.h Size: 2KB - Virtual size: 376KB

.edata Size: 114KB - Virtual size: 170KB

.kD Size: 5KB - Virtual size: 635KB

.oLd Size: 1024B - Virtual size: 107KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.OynOZ
Size: 2KB - Virtual size: 321KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 20KB

.EHyjSc
Size: 3KB - Virtual size: 426KB

.edata
Size: 100KB - Virtual size: 192KB

.data
Size: 7KB - Virtual size: 57KB

.h
Size: 2KB - Virtual size: 376KB

.edata
Size: 114KB - Virtual size: 170KB

.kD
Size: 5KB - Virtual size: 635KB

.oLd
Size: 1024B - Virtual size: 107KB

.rsrc
Size: 3KB - Virtual size: 2KB