Static task
static1
Behavioral task
behavioral1
Sample
f7e3852675e5444f947c6df77cd7f57b_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
f7e3852675e5444f947c6df77cd7f57b_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
Target: f7e3852675e5444f947c6df77cd7f57b_JaffaCakes118
Size: 60KB
MD5: f7e3852675e5444f947c6df77cd7f57b
SHA1: c067c51a2d5aca7ef846c6f6a8709f17737b6194
SHA256: 4588ef132bdcfff5141cb2a00ba0f87c4c83ba42e0b0e8c2ea0a02b725b272e1
SHA512: 6874e2aa1aaffe4c2d39f9f8ca821993548284bd57a39e3e7672e3d42124e0ae4573b3c61ad617c6aaf97fbf0519b38dbdcc1ad2e74d37c8e703f23bbf568c31
SSDEEP: 768:49ekJ2HtQXu8Iiv1APe/28ktHk5/1iR4PF82sb/zx9nwe3OCNLA/eiVd1Dpc:4QDHtQXu8f1APakk5q4PX+19FdGVHDp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f7e3852675e5444f947c6df77cd7f57b_JaffaCakes118
Files
f7e3852675e5444f947c6df77cd7f57b_JaffaCakes118.exe windows:4 windows x86 arch:x86
f2669323def755d99763855da056ea29
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
InsertMenuItemA
GetWindowWord
GetClassWord
GetDoubleClickTime
CheckMenuItem
SetScrollInfo
OemToCharA
CopyIcon
GetComboBoxInfo
SetKeyboardState
CloseDesktop
InSendMessage
GetKBCodePage
MapVirtualKeyExA
GetMessagePos
CreateDialogParamA
IsCharLowerA
OpenDesktopA
MonitorFromPoint
ExcludeUpdateRgn
GetKeyboardLayoutList
SendIMEMessageExA
wvsprintfA
RemovePropA
DlgDirSelectExA
SetDoubleClickTime
DispatchMessageA
BringWindowToTop
DdeNameService
GetDC
DefMDIChildProcA
InvalidateRgn
GetDlgCtrlID
GetNextDlgTabItem
ToUnicodeEx
DdeEnableCallback
LoadIconA
PackDDElParam
EnumClipboardFormats
GetClipboardFormatNameA
TileWindows
IsWindowUnicode
DrawTextExA
DdeQueryStringA
GetLastActivePopup
DdeClientTransaction
ChangeMenuA
CreateIconIndirect
IsDialogMessage
VkKeyScanA
EnableScrollBar
AlignRects
GetMenuState
advapi32
RegFlushKey
QueryServiceObjectSecurity
RegConnectRegistryA
CryptGenKey
RevertToSelf
ControlService
RegSaveKeyA
CryptGetKeyParam
CryptDestroyHash
SetEntriesInAuditListA
OpenEventLogA
GetSecurityDescriptorOwner
GetMultipleTrusteeA
FindFirstFreeAce
CopySid
BuildSecurityDescriptorA
ChangeServiceConfigA
ObjectDeleteAuditAlarmA
GetSecurityDescriptorControl
PrivilegeCheck
AllocateAndInitializeSid
GetTrusteeTypeA
GetSidSubAuthority
CryptSignHashA
CryptContextAddRef
InitializeAcl
CryptHashSessionKey
RegQueryValueA
GetAclInformation
RegOpenKeyA
AccessCheck
GetServiceDisplayNameA
CryptEncrypt
RegDeleteValueA
GetNumberOfEventLogRecords
CryptSetKeyParam
AddAce
kernel32
GetPrivateProfileStructA
Sections
.ybep Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rkx Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.kbif Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.yjy Size: 27KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ