28aa159b5d775931c722962cbfbe1763_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28aa159b5d775931c722962cbfbe1763_JaffaCakes118
Size

396KB
MD5

28aa159b5d775931c722962cbfbe1763
SHA1

1dd2d1ffe1099e372c1dd54bfbd3c6e474d81baa
SHA256

3039c7b5a25fab9e734a9b09adfefa0a3b1296eb3d498082c8e6c063ae74540f
SHA512

5479f9bf5ee645d145773b5b0dc3c6b2921d420b79b48839c69807329f50fc9ee3a80a50c6f59227603f3f0e0f3e45c5fa09e9b74d2994284d1a8a1246d8b571
SSDEEP

6144:/nsK4S1O1OLLtyXyXWNxQS4L7bokc8A4mjsoOJdPUNP5ki0xmbpGcCb4gAhw5vt1:/r4S5yhNxQS47b88hhK5904pGv625Mn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28aa159b5d775931c722962cbfbe1763_JaffaCakes118

Files

28aa159b5d775931c722962cbfbe1763_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b661109a67ae7a8cfca4607a29a517c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
VirtualProtect
GetCommandLineA
VirtualAlloc
GetVersionExA

user32

GetMenuCheckMarkDimensions
TranslateAcceleratorA
LockWindowUpdate
wsprintfW
GrayStringW
GetScrollRange
GetCaretPos
CharUpperBuffW
FindWindowA
SetWindowLongW
CheckMenuItem
CloseWindow
RegisterClipboardFormatW
RegisterDeviceNotificationA
MapVirtualKeyW
DrawTextExA
HiliteMenuItem
ShowOwnedPopups
MessageBoxA
SetWindowPlacement
GetActiveWindow
IsWindow
TranslateAcceleratorW
SetMenuItemInfoA
GetSysColorBrush
LoadCursorW
ExcludeUpdateRgn
EnumDesktopsW
CreateCursor
CheckMenuRadioItem
LoadStringW
DrawMenuBar
TranslateMDISysAccel
SetKeyboardState
ActivateKeyboardLayout
CheckDlgButton
mouse_event
DrawIcon
CharPrevW
DefDlgProcW
PostQuitMessage
GetTopWindow
GetPropW
DispatchMessageA
CharUpperW
FlashWindow
UpdateWindow
GetUserObjectSecurity
KillTimer
UnregisterClassW
RegisterClassW
FlashWindowEx
MapDialogRect
PeekMessageW
InternalGetWindowText

gdi32

BeginPath
GetPixel
CopyMetaFileA
Rectangle
RoundRect
PathToRegion
GetMetaFileBitsEx
ChoosePixelFormat

comdlg32

ReplaceTextW
GetSaveFileNameW
PrintDlgW

advapi32

RegSetKeySecurity
InitializeSid
OpenServiceW
MapGenericMask
AccessCheck
SetThreadToken
RegisterServiceCtrlHandlerA
DeleteService
RegSetValueExW
ObjectCloseAuditAlarmA
CryptReleaseContext
RegOpenKeyExW

shell32

SHLoadInProc
DragFinish

ole32

CoTaskMemRealloc
OleRegGetMiscStatus

oleaut32

SafeArrayUnaccessData
SysFreeString
SafeArrayGetElement
QueryPathOfRegTypeLi
LoadTypeLibEx
SafeArrayRedim
SafeArrayCreate

comctl32

CreatePropertySheetPageA
ImageList_Create
PropertySheetA
InitCommonControlsEx

shlwapi

StrToIntW
StrStrW
StrTrimW
SHRegOpenUSKeyW
wvnsprintfW
StrStrA
StrRetToStrW
UrlIsW
SHDeleteKeyA
StrRStrIW
PathIsRootW
StrChrIA

Sections

asgmic
Size: 336KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

kowie
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

aieou
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mgkacwi
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b661109a67ae7a8cfca4607a29a517c0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

asgmic Size: 336KB - Virtual size: 334KB

kowie Size: 4KB - Virtual size: 3KB

aieou Size: 32KB - Virtual size: 31KB

mgkacwi Size: 20KB - Virtual size: 19KB

asgmic
Size: 336KB - Virtual size: 334KB

kowie
Size: 4KB - Virtual size: 3KB

aieou
Size: 32KB - Virtual size: 31KB

mgkacwi
Size: 20KB - Virtual size: 19KB