Static task
static1
Behavioral task
behavioral1
Sample
067bdaaf83ce4fb07e19a49e356f9a13_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
067bdaaf83ce4fb07e19a49e356f9a13_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
067bdaaf83ce4fb07e19a49e356f9a13_JaffaCakes118
Size
59KB
MD5
067bdaaf83ce4fb07e19a49e356f9a13
SHA1
6cc00ab190a39aedb80f7feb14b69e3d9de65583
SHA256
3002faaa0f6c991eaace49b3228a503750b5630da6d3741fea9892706bf66c4e
SHA512
2e045d392286c8c2865ce9fcf3ecccfcdb7732c4aa0fa75206ad79ff086baad59742bdf6cef2a7b571439ddfc4ccaf88ae78a8f81a9715d97b0affe12676de7c
SSDEEP
1536:L5w1aro7SSuDEo6/RZDxopJRkeBRsZYoGUBop36EDT:tw1aiVTRNxKuZYoGY1EDT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 067bdaaf83ce4fb07e19a49e356f9a13_JaffaCakes118
Files
067bdaaf83ce4fb07e19a49e356f9a13_JaffaCakes118.exe windows:4 windows x86 arch:x86
d98298a1c015cd8378d5712338430a1d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DrawMenuBar
IsDialogMessage
CreateAcceleratorTableA
CreateDialogParamA
DdeUnaccessData
GetClipboardFormatNameA
GetNextDlgTabItem
MsgWaitForMultipleObjects
DdeEnableCallback
CreateWindowExA
IsMenu
GetDC
CloseDesktop
wvsprintfA
SetSysColors
MessageBoxA
EnumPropsExA
DdeCreateDataHandle
VkKeyScanA
CharToOemBuffA
CheckMenuItem
RedrawWindow
LoadIconA
SetWindowRgn
DrawFrame
TranslateAccelerator
SetWindowContextHelpId
ShowCursor
CreateIconIndirect
DrawTextExA
MonitorFromPoint
PostQuitMessage
LoadMenuIndirectA
SetKeyboardState
GetKeyboardLayoutList
GetWindowRect
ChangeMenuA
OemToCharA
RegisterDeviceNotificationA
GetComboBoxInfo
EndMenu
GetLastActivePopup
TileWindows
ToUnicodeEx
WinHelpA
DdeClientTransaction
MapVirtualKeyExA
GetDoubleClickTime
PackDDElParam
ArrangeIconicWindows
SetMessageExtraInfo
GetIconInfo
GetTopWindow
UnhookWinEvent
GetSystemMenu
GetClassWord
advapi32
ObjectDeleteAuditAlarmA
CryptSignHashA
GetExplicitEntriesFromAclA
RegOpenKeyA
CryptGenKey
PrivilegeCheck
IsTextUnicode
AllocateAndInitializeSid
GetSecurityDescriptorControl
BuildSecurityDescriptorA
RevertToSelf
ControlService
OpenEventLogA
AccessCheck
CryptHashSessionKey
InitializeAcl
GetServiceDisplayNameA
SetEntriesInAuditListA
CopySid
ChangeServiceConfigA
GetSidSubAuthority
GetTrusteeTypeA
CryptContextAddRef
AddAce
FindFirstFreeAce
RegSaveKeyA
GetNumberOfEventLogRecords
CryptDestroyHash
RegQueryValueA
CryptGetKeyParam
EnumDependentServicesA
GetMultipleTrusteeA
DeregisterEventSource
RegConnectRegistryA
kernel32
ResetEvent
Sections
.mred Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ynk Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tan Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.axqb Size: 27KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ