1dc4b682b51ffeb07d5761e26fef6843_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1dc4b682b51ffeb07d5761e26fef6843_JaffaCakes118
Size

723KB
MD5

1dc4b682b51ffeb07d5761e26fef6843
SHA1

7d5818b73a076026d2c53cfb0209cf965ae7e356
SHA256

5398b1b03f040c2146cafba544259804f900dd6a4c8a639c3045a506f261dbae
SHA512

bd756819ebc8a0e08403cbfd2fdcda5a7dce010051385113d92a850cd847f3e2ff86a71485f0ab95a147fde3cd788b6a162bb76981aba68a5d824f786b1e88df
SSDEEP

12288:7z/GgY19HTTZC6nUixuB+IFfdCOJryn3RKZYSbIDIAB0EJ3TpY6A571:XGgY19z9C6puB308y3RaqIABRJDg571

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1dc4b682b51ffeb07d5761e26fef6843_JaffaCakes118

Files

1dc4b682b51ffeb07d5761e26fef6843_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7040ac88d176f26f1a4fd84f1285dea3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSysColorBrush
GetAsyncKeyState
SetWindowPos
GetCaretBlinkTime
GetCapture
GetKeyboardType
GetSysColor
GetKeyboardLayoutList
DdeSetQualityOfService
CreateMDIWindowW
EnumDisplayDevicesW

kernel32

VirtualProtect
GetModuleHandleA
GetProcAddress
GetVersion
LoadLibraryA
GetProcessId
GetCurrentThreadId
lstrlenA
CreateActCtxA
ExpandEnvironmentStringsA
InterlockedPopEntrySList

comctl32

UninitializeFlatSB
ImageList_DragLeave
FlatSB_SetScrollRange
GetEffectiveClientRect

comdlg32

GetOpenFileNameA
FindTextW
PrintDlgExW

advapi32

OpenTraceW
LsaGetSystemAccessAccount
PrivilegeCheck
OpenEncryptedFileRawW
A_SHAUpdate

shell32

SHChangeNotifySuspendResume
WOWShellExecute
StrNCmpW
SHCloneSpecialIDList
StrRChrW
SHFormatDrive

winspool.drv

AddPrinterA
DeletePrinterDataW

winmm

mixerGetLineControlsA
mciGetDeviceIDFromElementIDW
waveInUnprepareHeader
mciGetCreatorTask
midiOutCacheDrumPatches
midiStreamStop

msimg32

TransparentBlt
vSetDdrawflag
AlphaBlend
DllInitialize

gdi32

GetLogColorSpaceA
GetFontUnicodeRanges
ChoosePixelFormat
GdiPlayPrivatePageEMF

Sections

.text
Size: 647KB - Virtual size: 646KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7040ac88d176f26f1a4fd84f1285dea3

Headers

File Characteristics

Imports

user32

kernel32

comctl32

comdlg32

advapi32

shell32

winspool.drv

winmm

msimg32

gdi32

Sections

.text Size: 647KB - Virtual size: 646KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 9KB - Virtual size: 24KB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 647KB - Virtual size: 646KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 9KB - Virtual size: 24KB

.rsrc
Size: 64KB - Virtual size: 64KB