2774f7004f4c2002bbd8b2c449ebe81d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2774f7004f4c2002bbd8b2c449ebe81d_JaffaCakes118
Size

275KB
MD5

2774f7004f4c2002bbd8b2c449ebe81d
SHA1

f757cf3903b48f21451103554ec9b2fc7a04d900
SHA256

3a8d26021c445d16918e895fd65fa9ff62e723f4b2504a41e1b589cfcc138d89
SHA512

f5fdd3a4e216eea31c30bf357e90d102cabe7785c621d2e36e655e2f525420968770c3ac5fcc2c6bd708c4a52d2a89a9f5861acb825cfc8c282ff2947d7e2979
SSDEEP

6144:1XubZutHLtgX5CYoN2FlxlgObTDwS/T9tETX0COVMl:1XubZeLt0oWlvgObwS/4L0CoMl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2774f7004f4c2002bbd8b2c449ebe81d_JaffaCakes118

Files

2774f7004f4c2002bbd8b2c449ebe81d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d09f728611029b438616097a03d58bf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC

atl

ord43
ord44
ord45
ord32
ord20
ord30
ord17
ord16

msvcrt

_itow
__set_app_type
_exit
_vsnwprintf
malloc
_wfopen
fclose
exit
_CIpow
_purecall
_onexit
__wgetmainargs
wcsstr
_adjust_fdiv
_CxxThrowException
_cexit
??2@YAPAXI@Z
wcscmp
??1type_info@@UAE@XZ
??3@YAXPAX@Z
__setusermatherr
_XcptFilter

hid

HidP_GetUsageValue
HidD_GetPreparsedData
HidD_GetHidGuid
HidP_GetSpecificValueCaps

user32

SendInput
DestroyIcon
GetThreadDesktop
EnumDisplayMonitors
GetDC
IntersectRect
OpenInputDesktop
UpdateLayeredWindow
GetMessageW
SetWindowLongW
LoadImageW
GetClientRect
CreateWindowExW
InflateRect
FillRect
SetCursorPos
DestroyWindow
MonitorFromWindow
GetPropW
MonitorFromPoint
GetAncestor
CallNextHookEx
CloseDesktop
SystemParametersInfoW
ShowWindow
GetDesktopWindow
WindowFromPoint
GetSystemMetrics

advapi32

RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
SetSecurityDescriptorOwner
GetLengthSid
CopySid
OpenThreadToken
RegOpenKeyW
RegQueryValueExA
SetSecurityDescriptorGroup
RegDeleteKeyW
RegCreateKeyW
OpenProcessToken
RegSetValueExW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW

kernel32

MulDiv
VirtualAllocEx
GetTickCount
InitializeCriticalSectionAndSpinCount
SetThreadPriority
CancelWaitableTimer
GetTickCount
lstrcpyW
CompareStringW
LoadLibraryW
InterlockedDecrement
CloseHandle
GetCommandLineW
HeapAlloc
SetEvent
GetSystemDirectoryW
GlobalDeleteAtom
CreateMutexW
InitializeCriticalSection
HeapFree
SetPriorityClass
SetPriorityClass
CloseHandle
GlobalAddAtomW
OpenProcess
VirtualFree
QueryPerformanceCounter
DuplicateHandle
GetProcessShutdownParameters

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d09f728611029b438616097a03d58bf7

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

atl

msvcrt

hid

user32

advapi32

setupapi

kernel32

ole32

Sections

.text Size: 169KB - Virtual size: 169KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 28KB - Virtual size: 548KB

.text
Size: 169KB - Virtual size: 169KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 28KB - Virtual size: 548KB