169cb694db8f969f9c2e9977e8b2d3a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

169cb694db8f969f9c2e9977e8b2d3a6_JaffaCakes118
Size

281KB
MD5

169cb694db8f969f9c2e9977e8b2d3a6
SHA1

564a6f7e9326f2cc978a6227e871816275331f79
SHA256

60969cc080cce1c39364301111e1fa2c7f9ead40cfb4b88856b310cc4dd48083
SHA512

67f9445d795350e27aee782df13163f9e584f7480f551c6d85d500084631613bcce0b0422824cf8ec31f6cc4b337310c00be43be071984721ada33993a22d3df
SSDEEP

6144:KFhJ9NSqiCPK8QyXn4RcPoLoqm/l503oiksLgvtRZ:mhXa0KE8nL2YoiksLg5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
169cb694db8f969f9c2e9977e8b2d3a6_JaffaCakes118

Files

169cb694db8f969f9c2e9977e8b2d3a6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

191df99dc5d65372445e52a60a0763a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

atl

ord57
ord45
ord17
ord16
ord32

hid

HidD_GetPreparsedData
HidD_FreePreparsedData
HidP_GetUsageValue
HidP_GetUsages
HidD_GetHidGuid
HidP_GetSpecificButtonCaps

gdi32

DeleteDC

kernel32

VirtualAlloc
CancelWaitableTimer
OpenProcess
lstrlenW
GetLastError
ResetEvent
FreeLibrary
SetProcessShutdownParameters
SetPriorityClass
DuplicateHandle
HeapAlloc
QueueUserAPC
SetPriorityClass
GetProcessWorkingSetSize
VirtualFree
CloseHandle
SetThreadExecutionState
QueryPerformanceFrequency
DeleteCriticalSection
ReleaseMutex
GetCurrentProcess
GetCurrentThread
GetTickCount
VerSetConditionMask
GetProcessHeap
CancelIo
GetModuleHandleA
SetThreadPriority
WaitForMultipleObjectsEx
InitializeCriticalSectionAndSpinCount

user32

GetMessageW
EqualRect
LoadImageW
SetCursorPos
FillRect
DrawIconEx
DispatchMessageW
MonitorFromPoint
OpenInputDesktop
SetWindowsHookExW
GetWindowLongW
UnhookWindowsHookEx
GetDC
PtInRect
GetThreadDesktop
SetWindowLongW
GetSystemMetrics
CreateWindowExW
EnumDisplaySettingsW
SystemParametersInfoW
PostMessageW
OpenDesktopW
ShowWindow
MoveWindow
GetMonitorInfoW
GetDesktopWindow
MonitorFromWindow
ReleaseDC

setupapi

SetupDiOpenDevRegKey
SetupDiGetClassDevsExW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInfo

msvcrt

_wcsicmp
_beginthreadex
__wgetmainargs
_cexit
wcslen
_CIpow
wcscpy
_controlfp
malloc
??3@YAXPAX@Z
?terminate@@YAXXZ
_except_handler3
_CxxThrowException
??1type_info@@UAE@XZ

ole32

CoUninitialize
CoTaskMemAlloc

advapi32

RegQueryValueExA
GetLengthSid
RegSetValueExW
GetTokenInformation
OpenProcessToken
RegOpenKeyExA
RegCreateKeyW
RegDeleteKeyW
RegCloseKey
SetSecurityDescriptorOwner
RegOpenKeyExW
CopySid
RegSetValueW

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

191df99dc5d65372445e52a60a0763a2

Headers

DLL Characteristics

File Characteristics

Imports

atl

hid

gdi32

kernel32

user32

setupapi

msvcrt

ole32

advapi32

Sections

.text Size: 178KB - Virtual size: 178KB

.data Size: 69KB - Virtual size: 68KB

.rsrc Size: 33KB - Virtual size: 588KB

.text
Size: 178KB - Virtual size: 178KB

.data
Size: 69KB - Virtual size: 68KB

.rsrc
Size: 33KB - Virtual size: 588KB