1831d7bb488b4d64760358108d54dbfc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1831d7bb488b4d64760358108d54dbfc_JaffaCakes118
Size

257KB
MD5

1831d7bb488b4d64760358108d54dbfc
SHA1

1fb84c66c80c9edc97e0e50f4da2ebe5d40a75f0
SHA256

53c810020e9b541f965e5ad827f168d29712a1ff10b1d464d420ab3469b92a9d
SHA512

a2ab67c91d158c7d47bd6b7e0bc126edeeac99c580dab9d0dec174203f0bc3f795318798eeeea5b34b4786157093d140aec983f1ac829d65ae8ee8379acbf4d2
SSDEEP

3072:CicFgFSqXNa0s3o2MV2SwcfjUGkmj1AWFhGIhtrJG+2ozcQU8gh1yhw7yds5VLGM:fXNNSo2EscAxmpDGIhtrTpUpH15WJS3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1831d7bb488b4d64760358108d54dbfc_JaffaCakes118

Files

1831d7bb488b4d64760358108d54dbfc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7af25957aac184cede8a4d48ab7d2464

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
GetTickCount
GetCurrentProcess
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
HeapCreate
ExitProcess
GetModuleFileNameA
GetEnvironmentStringsW
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
CreateMutexA
GetProcAddress

user32

GetSystemMetrics
SetTimer
LoadCursorA
LoadMenuIndirectA
SetWindowTextW
GetDlgItemTextW
keybd_event
WaitMessage
ActivateKeyboardLayout
EndMenu
MoveWindow
MonitorFromRect
GetDlgItemInt
LoadCursorW
InsertMenuA
MessageBeep
GetMenu
SetWindowPos
GetKeyboardLayout
LoadMenuA
GetDesktopWindow
EnableMenuItem
LoadBitmapA
CharUpperW
SetWindowLongW
CharNextW
RegisterClassExA
CreateDesktopW
SetFocus
DialogBoxIndirectParamA
RegisterClassExW
MonitorFromWindow
GetCapture
IsDlgButtonChecked
GetClassInfoW
wsprintfA
RegisterClassW
TrackPopupMenuEx
MessageBoxA
GetCursorPos
MonitorFromPoint
CharLowerA
AdjustWindowRect
CreateDialogIndirectParamW
GetIconInfo
UnregisterClassW
GetKeyboardType
GetCaretPos

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW

usp10

ScriptGetGlyphABCWidth
ScriptStringFree
ScriptShape
ScriptGetLogicalWidths
ScriptItemize
ScriptCacheGetHeight

gdi32

AddFontResourceW
GetStockObject
CreateFontIndirectExW
CreateScalableFontResourceW
CreateICW
CreateCompatibleDC
GetMetaFileA
GetEnhMetaFilePixelFormat
CreateMetaFileW
CreateSolidBrush
RemoveFontResourceExA
CreateBrushIndirect

rasppp

RasCpEnumProtocolIds

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 109KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 109KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7af25957aac184cede8a4d48ab7d2464

Headers

File Characteristics

Imports

kernel32

user32

advapi32

usp10

gdi32

rasppp

Sections

.text Size: 17KB - Virtual size: 17KB

.text Size: 1KB - Virtual size: 477KB

.rdata Size: 3KB - Virtual size: 16KB

.edata Size: 109KB - Virtual size: 162KB

.rdata Size: 4KB - Virtual size: 95KB

.data Size: 8KB - Virtual size: 97KB

.edata Size: 109KB - Virtual size: 143KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.text
Size: 1KB - Virtual size: 477KB

.rdata
Size: 3KB - Virtual size: 16KB

.edata
Size: 109KB - Virtual size: 162KB

.rdata
Size: 4KB - Virtual size: 95KB

.data
Size: 8KB - Virtual size: 97KB

.edata
Size: 109KB - Virtual size: 143KB

.rsrc
Size: 3KB - Virtual size: 2KB