0da8bcd8a2bb97a8d5e74dc309552264_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0da8bcd8a2bb97a8d5e74dc309552264_JaffaCakes118
Size

248KB
MD5

0da8bcd8a2bb97a8d5e74dc309552264
SHA1

7475b44a53030bd95cfda5a23f066a29157b9634
SHA256

5bda83df2d20e86a4211c5a0d0aafda8f02cdea9093e848e48cf02dcc9116a0f
SHA512

6ad03e5d4668ae428426a01eb403ad9ee5bca64842265fed2bc758538a02b6aba67379807b04de042c390dd104706c52dae3b294994a0b22496c0f8bcae22245
SSDEEP

6144:APwLhMm524w9pk1msqvzi9Hkc5ca2nT5gB:DLHU44k1m9vuH2le

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0da8bcd8a2bb97a8d5e74dc309552264_JaffaCakes118

Files

0da8bcd8a2bb97a8d5e74dc309552264_JaffaCakes118
.exe windows:9 windows x86 arch:x86

0ea9e8e7cc9cac4fd2175cba6699ae27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

hid

HidP_GetSpecificButtonCaps
HidD_GetHidGuid
HidP_GetUsages
HidP_MaxUsageListLength
HidD_GetPreparsedData
HidD_FreePreparsedData

kernel32

GetCommandLineW
SetThreadPriority
SetProcessShutdownParameters
GetTickCount
lstrcpyW
CreateFileMappingW
GetStartupInfoW
VirtualAlloc
CreateWaitableTimerW
CancelIo
WaitForMultipleObjects
QueryPerformanceFrequency
GetOverlappedResult
GetTickCount
GetCurrentProcess
SetWaitableTimer
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
VirtualFree
GetPriorityClass
GetLastError
DeleteCriticalSection
DuplicateHandle
QueueUserAPC
GetSystemDirectoryW
InterlockedDecrement
lstrlenW
ResetEvent
SetThreadExecutionState
CloseHandle
EnterCriticalSection
SetEvent
UnmapViewOfFile
MulDiv
CloseHandle
GetProcessHeap
VerSetConditionMask
LeaveCriticalSection
GetProcessWorkingSetSize

setupapi

SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces

user32

UnhookWindowsHookEx
GetDoubleClickTime
CallWindowProcW
DestroyWindow
RegisterWindowMessageW
GetMessageW
LoadImageW
DestroyIcon
PostThreadMessageW
GetAncestor
CallNextHookEx
IsWindow
GetSysColorBrush
EnumDisplayMonitors
CharNextW
PostMessageW
ClientToScreen
UpdateLayeredWindow
GetMonitorInfoW
RegisterDeviceNotificationW
InflateRect
GetSystemMetrics
OpenInputDesktop
UnregisterDeviceNotification
DrawIconEx
MonitorFromWindow
IntersectRect
CreateWindowExW
SendInput

ole32

CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoInitializeSecurity
CoCreateInstance

advapi32

RegEnumKeyW
RegCreateKeyW
RegSetValueW
RegOpenKeyExA
SetSecurityDescriptorGroup
CopySid
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
GetLengthSid
OpenThreadToken
GetTokenInformation
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW

gdi32

CreateCompatibleBitmap
CreateSolidBrush
SelectObject
CreateCompatibleDC
DeleteObject
GetDeviceCaps

msvcrt

wcstol
__setusermatherr
??3@YAXPAX@Z
_wcsicmp
__wgetmainargs
wcscpy
_controlfp
fputws
_wcmdln
free
__set_app_type
_vsnwprintf
_c_exit
_itow
fclose
_adjust_fdiv
wcsstr
?terminate@@YAXXZ
_initterm
_wfopen
exit
??2@YAPAXI@Z

atl

ord16
ord58
ord45
ord32
ord20
ord43
ord17
ord18
ord44
ord57

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ea9e8e7cc9cac4fd2175cba6699ae27

Headers

DLL Characteristics

File Characteristics

Imports

hid

kernel32

setupapi

user32

ole32

advapi32

gdi32

msvcrt

atl

Sections

.text Size: 184KB - Virtual size: 184KB

.data Size: 57KB - Virtual size: 57KB

.rsrc Size: 5KB - Virtual size: 548KB

.text
Size: 184KB - Virtual size: 184KB

.data
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 5KB - Virtual size: 548KB