Static task: static1
Behavioral task: behavioral1
Sample: fd1feaee1ddace7c5741b5c0650d164e_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: fd1feaee1ddace7c5741b5c0650d164e_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: fd1feaee1ddace7c5741b5c0650d164e_JaffaCakes118
Size: 384KB
MD5: fd1feaee1ddace7c5741b5c0650d164e
SHA1: 79c8b541f7e50a9147290d1c95dc5f969cabf9cd
SHA256: 9693fc5c3695e41faecc232af4efba59afe64634e14455d964eb4579268ee1be
SHA512: 5a029c7dc5a54abd90ec4378b903dbe7e607d8af736ac8d378f5493aaf41cd679fbead6845e200ef5f0792ce9fc548704ec44b36e2ee031ff3495711eafb0f7d
SSDEEP: 6144:7e1VEVX1mert69fLzvk3cfE64Ss/M56azUz/nU1e+qIuaLGcaYK5XULW0kEFRAir:7e1Wcxssbsk5bcc3qIsc09UiEnEl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fd1feaee1ddace7c5741b5c0650d164e_JaffaCakes118
Files
fd1feaee1ddace7c5741b5c0650d164e_JaffaCakes118.exe windows:4 windows x86 arch:x86
3b64e839e3d15f2f17be8c91148c2cac
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
VirtualProtect
GetStringTypeExW
GetCommandLineA
lstrlenA
ExitProcess
user32
SetWinEventHook
SendNotifyMessageA
SetWindowPlacement
OpenWindowStationW
SetWindowsHookExW
ModifyMenuA
CloseClipboard
LoadIconA
DrawFrameControl
SendMessageTimeoutA
CharLowerBuffA
GetKeyboardLayoutList
CheckMenuRadioItem
SetTimer
TileWindows
UnhookWindowsHook
InsertMenuItemW
IsCharLowerW
CloseWindowStation
CheckMenuItem
LoadCursorA
TranslateMessage
GetMonitorInfoA
SystemParametersInfoA
LookupIconIdFromDirectory
SetWindowTextA
CharUpperA
OemToCharA
gdi32
GetOutlineTextMetricsW
PlayEnhMetaFileRecord
GetMetaFileBitsEx
DeleteMetaFile
EnumFontFamiliesA
SaveDC
GetCharWidthA
GetTextAlign
CreateDCW
PolyPolyline
GetLayout
comdlg32
GetFileTitleW
FindTextA
ReplaceTextA
advapi32
RegSaveKeyW
SetServiceStatus
InitializeSid
ImpersonateSelf
SetNamedSecurityInfoA
RegDeleteKeyW
AccessCheckAndAuditAlarmA
MakeSelfRelativeSD
AccessCheckAndAuditAlarmW
LookupAccountNameW
RegCreateKeyExA
SetThreadToken
RegisterServiceCtrlHandlerW
AbortSystemShutdownA
SetSecurityDescriptorSacl
GetSidIdentifierAuthority
CryptGetHashParam
QueryServiceConfigA
CryptDeriveKey
CryptSetProvParam
LookupPrivilegeValueA
CryptGenRandom
UnlockServiceDatabase
GetNamedSecurityInfoA
RegSetValueExA
RegEnumKeyA
SetPrivateObjectSecurity
CreateProcessAsUserA
RegOpenKeyW
CryptEncrypt
RegSaveKeyA
shell32
SHGetSpecialFolderLocation
FindExecutableW
SHChangeNotify
SHGetSettings
FindExecutableA
ole32
OleSave
CoMarshalInterThreadInterfaceInStream
CoMarshalInterface
CoSwitchCallContext
oleaut32
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetElement
SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
VariantCopy
LoadTypeLibEx
comctl32
ImageList_DrawEx
shlwapi
UrlApplySchemeW
PathRemoveExtensionW
StrToIntW
StrStrIW
PathCompactPathExW
PathIsFileSpecA
setupapi
SetupFindNextLine
SetupDiGetDeviceInstanceIdW
SetupGetIntField
SetupDiCreateDeviceInfoA
SetupInstallFromInfSectionW
SetupDiCreateDeviceInfoW
Sections
.text Size: 332KB - Virtual size: 330KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE