6a741f1d02adf42d4b00acd3069b8925_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6a741f1d02adf42d4b00acd3069b8925_JaffaCakes118
Size

416KB
MD5

6a741f1d02adf42d4b00acd3069b8925
SHA1

f8203e5f7c3dadbb3a99706945de4f9280bb0295
SHA256

777dfeb44c024e6aa2491a524e2d7bf5791cee83d3ef3cbefdfee573a1c5c201
SHA512

43a4f3c2eeab451fd4e8f1fe37bca16e10b749cb0afd1305d23a933f0365aa44629cd66c2346dc53a71a21261865bb759398624acc6e7efb3dec9540a386f2c0
SSDEEP

6144:EyRbe0G4hM61nBOeo95sA1lpkitzeHX7/lDY+2cv07Moo4QyDjF1bjVxzt6tm:Eyde14hbjc5sKciU7lDY+ozkI/xzom

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a741f1d02adf42d4b00acd3069b8925_JaffaCakes118

Files

6a741f1d02adf42d4b00acd3069b8925_JaffaCakes118
.exe windows:6 windows x86 arch:x86

07ceea763b9193ba29d8ded3f10d63a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryExW
CreateWaitableTimerA

winspool.drv

DocumentEvent
EXTDEVICEMODE
AddMonitorW
DeviceMode

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy

shell32

SHCreateDirectoryExA

user32

FindWindowW
SetWindowPos
KillTimer
PostQuitMessage
EndDialog
SetTimer
DispatchMessageW
TranslateMessage
DialogBoxParamW
GetSystemMetrics
GetDesktopWindow
GetClientRect
IsDlgButtonChecked
ShowWindow
LoadIconW
PostMessageW
DefDlgProcW
MessageBoxW
GetMonitorInfoW
SetForegroundWindow
SystemParametersInfoW
CharNextW
SetWindowLongW
GetParent
GetWindowLongW
SendDlgItemMessageW
GetDlgItem
CopyAcceleratorTableA
MonitorFromRect
SetWindowTextW
CreateWindowExW
DragObject
DestroyWindow
CallWindowProcW
CheckDlgButton
SendMessageW
RegisterClassW
GetMessageW
GetSysColorBrush
LoadStringW
GetWindowRect
DefWindowProcW

advapi32

GetAce
RegQueryValueExW
GetSecurityInfo
RegOpenKeyExW
RegCreateKeyExW
CryptDestroyHash
CryptHashData
CryptCreateHash
SetSecurityInfo
CryptAcquireContextW
RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegNotifyChangeKeyValue
CryptReleaseContext
CryptGetHashParam

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

07ceea763b9193ba29d8ded3f10d63a7

Headers

File Characteristics

Imports

kernel32

winspool.drv

comctl32

shell32

user32

advapi32

ole32

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 124KB - Virtual size: 864KB

.rdata Size: 25KB - Virtual size: 24KB

.rsrc Size: 91KB - Virtual size: 91KB

.idata Size: 5KB - Virtual size: 5KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 124KB - Virtual size: 864KB

.rdata
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 91KB - Virtual size: 91KB

.idata
Size: 5KB - Virtual size: 5KB