22db960cef1ffe012c575e2dde342cff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

22db960cef1ffe012c575e2dde342cff_JaffaCakes118
Size

265KB
MD5

22db960cef1ffe012c575e2dde342cff
SHA1

824a730555e2dcc3701b9d69ffcaadceb8bea179
SHA256

6359856edac9e441481e541fced3d2326a793c316c3b42c4dd07e17db91e5629
SHA512

929d9e7fe1d4635144dc398f4e41433b1be9a51395ff4bbb1de4c10cf73dcb6bab483fcd93c76ee91a67b9d485bcbdb42a5c8919241d8512ac17aa92715fcb7b
SSDEEP

6144:NbUs8mxF6bJDEBv/SQusXzxdL9pBBFnFwKxoUO7C:fo5K/S1sX9dr16C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22db960cef1ffe012c575e2dde342cff_JaffaCakes118

Files

22db960cef1ffe012c575e2dde342cff_JaffaCakes118
.exe windows:0 windows x86 arch:x86

bb214e6b70fe1f77c1872242603b330a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

GetLengthSid
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
CopySid
RegSetValueW
RegSetValueExW
RegCreateKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyW

ole32

CoUninitialize
CoCreateInstance

atl

ord23
ord17
ord58
ord18
ord44
ord30
ord32

kernel32

CreateFileMappingW
OpenEventW
GetCommandLineW
GetModuleHandleA
CloseHandle
LoadLibraryW
OpenProcess
GetProcessWorkingSetSize
FreeLibrary
GetProcessHeap
SetPriorityClass
EnterCriticalSection
WaitForSingleObject
CreateEventW
GetProcAddress
VirtualFree
UnmapViewOfFile
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
ResetEvent
GetTickCount
HeapFree
WaitForMultipleObjectsEx
GetSystemDirectoryW
GlobalDeleteAtom
GetCurrentThread
HeapAlloc
VirtualAlloc
DeleteCriticalSection
CreateWaitableTimerW
GetStartupInfoW
GlobalAddAtomW
SetPriorityClass
InitializeCriticalSection
DuplicateHandle

user32

EnumDisplaySettingsW
CallNextHookEx
EqualRect
SetWindowLongW
OpenDesktopW
LoadImageW
CharNextW
GetDoubleClickTime
OpenInputDesktop
GetSysColorBrush
SystemParametersInfoW
GetDC
SetThreadDesktop
SetWindowsHookExW
PtInRect
MoveWindow
CreateWindowExW
WindowFromPoint
UnregisterDeviceNotification
GetPropW
RegisterWindowMessageW
SendInput
LoadStringW
IntersectRect
EnumDisplayMonitors
GetAncestor
PostThreadMessageW

msvcrt

_beginthreadex
free
__wgetmainargs
fputws
__dllonexit
__CxxFrameHandler
_wcmdln
_CxxThrowException
wcslen
_controlfp
swscanf
wcscpy
_exit
fclose
malloc
_except_handler3
exit
_onexit
_initterm
wcscmp
_adjust_fdiv
??2@YAPAXI@Z
_wcsicmp
_purecall

setupapi

SetupDiOpenDevRegKey
SetupDiGetDeviceInterfaceDetailW

gdi32

CreateCompatibleDC
GetDeviceCaps
DeleteObject
SelectObject
CreateSolidBrush
CreateCompatibleBitmap

hid

HidD_GetProductString
HidP_GetSpecificButtonCaps
HidD_FreePreparsedData
HidP_MaxUsageListLength
HidP_GetCaps
HidP_GetSpecificValueCaps
HidD_GetHidGuid

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb214e6b70fe1f77c1872242603b330a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

ole32

atl

kernel32

user32

msvcrt

setupapi

gdi32

hid

Sections

.text Size: 174KB - Virtual size: 174KB

.data Size: 73KB - Virtual size: 73KB

.rsrc Size: 16KB - Virtual size: 568KB

.text
Size: 174KB - Virtual size: 174KB

.data
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 16KB - Virtual size: 568KB