14920814c2791ecb1f1e77597d1cb804_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

14920814c2791ecb1f1e77597d1cb804_JaffaCakes118
Size

251KB
MD5

14920814c2791ecb1f1e77597d1cb804
SHA1

139e33e1b0194d0f49d00675f7931571165202bd
SHA256

c571acd770188aeee21d9b65ac1458d5115d5929aab970d845311e37b836ed3c
SHA512

c46688b797f8e70ba4937c30aa8dc9d837bc6bf9ce2f3f905cb49ff67036cb5b0dabb8868bd0de895bcd75144193e6c79783cd82019f12a0e44468a3eee6ba5b
SSDEEP

3072:hRp0/zA7Zn72z8TwP+Yv+0PdeVusaTr4b+3INZDeUj1fZW7r5Ov41uGFxortdNBf:qenizaVCVFCbNZeGewLUEvHTfdH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14920814c2791ecb1f1e77597d1cb804_JaffaCakes118

Files

14920814c2791ecb1f1e77597d1cb804_JaffaCakes118
.exe windows:9 windows x86 arch:x86

6be46d5601d27b34d1eb3acfde575d17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

hid

HidD_FreePreparsedData
HidP_GetUsageValue
HidD_GetProductString
HidD_GetHidGuid
HidP_GetUsages
HidD_GetPreparsedData

gdi32

CreateCompatibleDC
DeleteDC
CreateCompatibleBitmap
GetDeviceCaps

atl

ord43
ord23
ord18

setupapi

SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces

user32

GetSysColor
CallNextHookEx
MonitorFromPoint
PostMessageW
GetThreadDesktop
PostThreadMessageW
RegisterWindowMessageW
InflateRect
DrawIconEx
SendInput
SetWindowLongW
WindowFromPoint
CloseDesktop
SetCursorPos
GetDoubleClickTime
FillRect
GetAncestor
EnumDisplayMonitors
ClientToScreen
GetDC
EnumDisplaySettingsW
GetWindowLongW
SystemParametersInfoW
IntersectRect
DispatchMessageW
UpdateLayeredWindow
GetUserObjectInformationW
OpenDesktopW

ole32

CoTaskMemAlloc

advapi32

RegOpenKeyW
SetSecurityDescriptorGroup
OpenProcessToken
RegQueryValueExA
RegDeleteKeyW
OpenThreadToken
GetTokenInformation
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

kernel32

ReleaseMutex
WaitForSingleObject
EnterCriticalSection
CloseHandle
VirtualAlloc
CloseHandle
WaitForMultipleObjects
VerSetConditionMask
GetStartupInfoW
MapViewOfFile
QueryPerformanceFrequency
LeaveCriticalSection
GetCommandLineW
CompareStringW
HeapFree
GetModuleHandleA
lstrlenW
GetPriorityClass
GetProcessWorkingSetSize
InterlockedDecrement
OpenEventW
SetThreadExecutionState
CreateWaitableTimerW
InterlockedIncrement
GetSystemDirectoryW
GetCurrentProcess
SetEvent
DuplicateHandle
VirtualFree
QueryPerformanceCounter
CancelIo
WaitForMultipleObjectsEx
ReadFile
GetCurrentThread
MulDiv
CancelWaitableTimer
FreeLibrary
CreateFileW
VerifyVersionInfoW
UnmapViewOfFile
lstrcpyW
InitializeCriticalSection
SetThreadPriority
GetCurrentThreadId
SetWaitableTimer
GetTickCount

msvcrt

__set_app_type
swscanf
__p__commode
_purecall
_controlfp
_wfopen
??3@YAXPAX@Z
wcslen
_CIpow
_wcmdln
_cexit
__CxxFrameHandler
malloc
??1type_info@@UAE@XZ
__p__fmode
_CxxThrowException
fclose
_onexit
__wgetmainargs
_wcsicmp
_ftol
_initterm
wcsstr
__dllonexit
exit
?terminate@@YAXXZ

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6be46d5601d27b34d1eb3acfde575d17

Headers

DLL Characteristics

File Characteristics

Imports

hid

gdi32

atl

setupapi

user32

ole32

advapi32

kernel32

msvcrt

Sections

.text Size: 172KB - Virtual size: 172KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 5KB - Virtual size: 536KB

.text
Size: 172KB - Virtual size: 172KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 5KB - Virtual size: 536KB