9cf5cb7f3c29d195ff4565af580f1498_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9cf5cb7f3c29d195ff4565af580f1498_JaffaCakes118
Size

1.2MB
MD5

9cf5cb7f3c29d195ff4565af580f1498
SHA1

efba29653fc216b5faf6ae5ceaa2b4105ebc8585
SHA256

f09b23526032f2b5dc3229100f5f3bbcdff48208d6505006c81a38a5cc1b4fce
SHA512

b6c6693a5b4edf784aabfc1367525f10b6774e4109f8f15a0d76b9498fc7b11fbb8df806dac197da143cbeaed56c20f2f865d93ee5a303437415954b1eb0d8b5
SSDEEP

24576:jamF/69oQ9uy+UV66FbdvJn1cpsqd/XqIfP0VaHdHdHdHfFfHdHdHdHfFfHdHdHV:7FFa+krzcpZ/vfEmp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
9cf5cb7f3c29d195ff4565af580f1498_JaffaCakes118

Files

9cf5cb7f3c29d195ff4565af580f1498_JaffaCakes118
.exe windows:5 windows x86 arch:x86

334191d07f4462d7f2b7cf33fa319c4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetModuleHandleA
CreateDirectoryW
CreateFileW
lstrcpynW
WriteConsoleW
SetLastError
SetConsoleMode
ResumeThread
ReadConsoleInputW
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryW
GetThreadLocale
GetStdHandle
GetPrivateProfileStructA
GetOEMCP
GetProcAddress
GetLastError
GetFullPathNameW
GetFileType
GetFileAttributesW
GetFileAttributesExW
GetConsoleScreenBufferInfo
GetConsoleMode
GetComputerNameExW
GetCommandLineW
GetACP
FreeLibrary
FormatMessageW
FindNextFileW
FindFirstFileW

user32

InvalidateRect
IsRectEmpty
IsWindowVisible
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadStringW
MapWindowPoints
MessageBoxW
OffsetRect
OpenWindowStationW
PostMessageW
RedrawWindow
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseDC
RemovePropW
SendMessageW
SetClassLongW
SetFocus
SetForegroundWindow
SetPropW
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowsHookExW
ShowWindow
SystemParametersInfoW
UnhookWindowsHookEx
UpdateWindow
WaitForInputIdle
IntersectRect
InflateRect
GetWindowThreadProcessId
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetScrollRange
GetScrollPos
GetScrollInfo
GetIconInfo
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetCapture
FrameRect
FindWindowW
FindWindowExW
FillRect
ExitWindowsEx
EqualRect
EndPaint
EnableScrollBar
DrawTextW
DrawFrameControl
DrawEdge
DefWindowProcW
CopyImage
CallWindowProcW
CallNextHookEx
BeginPaint
LoadCursorFromFileA
GetKBCodePage
GetMessageExtraInfo
ReleaseCapture
GetShellWindow
IsCharAlphaNumericA
IsIconic

gdi32

EndPath
CreateHalftonePalette
GdiFlush
DeleteEnhMetaFile
StrokePath
GetStockObject
GetTextCharacterExtra

advapi32

ReportEventW
OpenThreadToken
OpenProcessToken
LsaQueryInformationPolicy
LsaOpenPolicy
LsaFreeMemory
LsaClose
RegOpenKeyW
RegQueryValueExW
CopySid
CreateProcessAsUserW
CryptCreateHash
CryptDestroyHash
CryptDestroyKey
CryptGetHashParam
CryptHashData
CryptReleaseContext
CryptSignHashW
FreeSid
GetFileSecurityW
GetLengthSid
GetSecurityDescriptorOwner
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
ImpersonateLoggedOnUser
IsValidSid
LogonUserW
LookupAccountNameW
LsaAddAccountRights
RevertToSelf

shell32

SHChangeNotify
SHGetFileInfoW
ShellExecuteExW
ShellExecuteW
FindExecutableW

ole32

CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromProgID

Sections

.text
Size: 1002KB - Virtual size: 1001KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

334191d07f4462d7f2b7cf33fa319c4c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 1002KB - Virtual size: 1001KB

.rdata Size: 147KB - Virtual size: 146KB

.data Size: 1024B - Virtual size: 960B

.rsrc Size: 40KB - Virtual size: 751KB

.text
Size: 1002KB - Virtual size: 1001KB

.rdata
Size: 147KB - Virtual size: 146KB

.data
Size: 1024B - Virtual size: 960B

.rsrc
Size: 40KB - Virtual size: 751KB