Static task
static1
Behavioral task
behavioral1
Sample
2761a1d563dcc20928cd25d8be71aae2_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2761a1d563dcc20928cd25d8be71aae2_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
2761a1d563dcc20928cd25d8be71aae2_JaffaCakes118
Size
60KB
MD5
2761a1d563dcc20928cd25d8be71aae2
SHA1
34723d16eac0fefd616cccfa8703813db9669ae1
SHA256
e731a52e51565550cee07bffb3c1d6ab5fc4dc0c857369ad7ce5ae807c4fbe17
SHA512
b062573991a44c3b244036185f1f17bfc0fff8e6b6c2c3a97a0c0ef467c76ad31f5babcfe8bddd77fa5df7b255f5c0a3d2882778efcba7a74b3471534ec5cd56
SSDEEP
1536:n0Zz0OxI2jJNyFrMJyeIB7f9BGhPaVkbhK4eUD1:nOQO22jJ+rMJyZB7YK4eUD1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2761a1d563dcc20928cd25d8be71aae2_JaffaCakes118
Files
2761a1d563dcc20928cd25d8be71aae2_JaffaCakes118.exe windows:4 windows x86 arch:x86
94913d69bfad4b76a69487f33e14c3e2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SendMessageTimeoutA
PostQuitMessage
DdeUnaccessData
MessageBoxA
DestroyAcceleratorTable
EndMenu
GetMenuState
GetLastActivePopup
GetNextDlgTabItem
GetMenuItemCount
GetScrollBarInfo
FreeDDElParam
GetIconInfo
SetMenuDefaultItem
GetWindowInfo
GetSystemMenu
GetShellWindow
GetMenuCheckMarkDimensions
SetCaretBlinkTime
DrawMenuBar
DlgDirSelectExA
InvalidateRgn
RedrawWindow
RegisterDeviceNotificationA
SetProcessWindowStation
DdeCreateDataHandle
DdeEnableCallback
LoadIconA
GetComboBoxInfo
DestroyMenu
TranslateAccelerator
RegisterWindowMessageA
ChildWindowFromPointEx
SetSysColors
UnpackDDElParam
DdeQueryStringA
EnumDisplayMonitors
SetDoubleClickTime
VkKeyScanA
CopyIcon
GetAsyncKeyState
SetScrollInfo
CloseDesktop
DrawCaption
IsWindowUnicode
GetClipboardFormatNameA
EnumPropsExA
ShowCursor
IMPGetIMEA
CreateDialogParamA
SetMessageExtraInfo
CheckMenuItem
ArrangeIconicWindows
LoadAcceleratorsA
advapi32
PrivilegeCheck
EnumDependentServicesA
CryptEncrypt
GetAclInformation
GetSecurityDescriptorOwner
RegQueryValueA
OpenEventLogA
CryptGetKeyParam
RegOpenKeyA
RegConnectRegistryA
GetSecurityDescriptorControl
GetExplicitEntriesFromAclA
GetServiceDisplayNameA
CryptSetKeyParam
RegSaveKeyA
DeregisterEventSource
ChangeServiceConfigA
ObjectDeleteAuditAlarmA
CryptHashSessionKey
ControlService
AccessCheck
AddAce
CryptGenKey
IsTextUnicode
CopySid
CryptContextAddRef
GetNumberOfEventLogRecords
GetTrusteeTypeA
GetMultipleTrusteeA
RegDeleteValueA
RegUnLoadKeyA
GetSidSubAuthority
BackupEventLogA
BuildSecurityDescriptorA
QueryServiceObjectSecurity
FindFirstFreeAce
shlwapi
PathIsUNCA
Sections
.sxghq Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rizs Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dmh Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cribw Size: 27KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ