5a610962baf6081eb809a9e460599871_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5a610962baf6081eb809a9e460599871_JaffaCakes118
Size

653KB
MD5

5a610962baf6081eb809a9e460599871
SHA1

6290a0dca10e063fc8913cfccc7057356e082e3b
SHA256

bc598b8327d9bbffdf96e2f972f2be0794e4e994771c6b0c84d9326921604db7
SHA512

21072cffa956240bc5a7af230d553b73f59b1ed2d84c61983d500fd33a0940e1230290c9800ce66c0ba32038aba02fced79ee9234801012f70b617b4e7da849c
SSDEEP

12288:pWHW1T76LS4NIeeUDCSvHHNvRgUVM27wl2cQuIFGhYBopxdg:pv1EdNIJR+XllDVGhY+pvg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a610962baf6081eb809a9e460599871_JaffaCakes118

Files

5a610962baf6081eb809a9e460599871_JaffaCakes118
.exe windows:4 windows x86 arch:x86

013e6b2e6ace2d90b912ba427401a263

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualProtect
GetModuleHandleA
GetProcessId
GetLastError
GetACP
SetLastError
GetConsoleCP
GetTickCount
GetVersion
CommConfigDialogW
EnumerateLocalComputerNamesW
CreateJobObjectW
LZCopy
WriteConsoleInputW
GetConsoleCommandHistoryLengthA
HeapDestroy

winmm

midiInGetNumDevs
joyGetNumDevs
waveOutGetNumDevs
mixerGetNumDevs
waveInGetNumDevs
midiOutGetNumDevs
auxGetNumDevs
NotifyCallbackData
midiOutClose
mixerSetControlDetails
mmioInstallIOProcW
midiStreamRestart

user32

ReleaseCapture
SetWindowPos
ShowWindow
GetCapture
GetSysColor
GetWindowDC
GetKeyboardType
GetCaretBlinkTime
SetSystemMenu
VkKeyScanA
PrivateExtractIconsA
GetMenuStringA
CreateWindowExW

winspool.drv

DeletePrinter
DEVICEMODE
GetPrinterDataExW
StartDocPrinterA
DocumentEvent
ConfigurePortW
AddMonitorW
AddPrintProvidorW

oleacc

AccessibleChildren
LresultFromObject
GetStateTextA
GetRoleTextW
AccessibleObjectFromWindow
AccessibleObjectFromPoint
AccessibleObjectFromEvent
LIBID_Accessibility

gdiplus

GdipGetImageFlags
GdipSetPathGradientFocusScales
GdipSetLineColors
GdipAddPathBezier
GdipIsVisibleClipEmpty
GdipGetMetafileHeaderFromMetafile
GdipDrawPolygon
GdipCreateHBITMAPFromBitmap

ole32

StgOpenAsyncDocfileOnIFillLockBytes
OleCreateLinkToFile
OleIsRunning
CoRegisterClassObject
HBITMAP_UserSize
SNB_UserSize
CoResumeClassObjects

gdi32

Escape
GdiPlayEMF
SetPaletteEntries
GetEUDCTimeStampExW
EngStretchBltROP
PATHOBJ_bEnumClipLines
GetMiterLimit
DdEntry3
ExtFloodFill

shlwapi

SHRegEnumUSKeyW
StrToIntExA
UrlUnescapeW
StrRetToBufA
PathCanonicalizeA
SHRegQueryUSValueA
SHRegCreateUSKeyW
PathGetArgsW

Sections

.text
Size: 646KB - Virtual size: 646KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

013e6b2e6ace2d90b912ba427401a263

Headers

File Characteristics

Imports

kernel32

winmm

user32

winspool.drv

oleacc

gdiplus

ole32

gdi32

shlwapi

Sections

.text Size: 646KB - Virtual size: 646KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 512B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 646KB - Virtual size: 646KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 512B

.rsrc
Size: 1KB - Virtual size: 1KB