Static task: static1

Behavioral task: behavioral1
  Sample: 2aa74405e5a476f740769f9a154ca700_JaffaCakes118.exe
  Resource: win7-20240704-en

Behavioral task: behavioral2
  Sample: 2aa74405e5a476f740769f9a154ca700_JaffaCakes118.exe
  Resource: win10v2004-20240704-en

General
  Target: 2aa74405e5a476f740769f9a154ca700_JaffaCakes118
  Size: 316KB
  MD5: 2aa74405e5a476f740769f9a154ca700
  SHA1: a9010dac6b4efe60c8d47be613056daf7cb6a1a3
  SHA256: e1bbc2cbb3ebcbb10d433e7a5812794164fb1633d253bff58cfa958a5d9e76cb
  SHA512: a477a6609b47cc993be397433f0eed070bc598d9ab48f2fbdce6dc19a2652a4539fcda9bec5089a14f781984c6b83527a9604b6c75c3cb52f44318f684d19cee
  SSDEEP: 6144:Pj5j3fzQ8pnC8k5bX4UAeNzO2ougAdZqwzAqWVYfJ1+fnk978nZeaoVVt6UwvFPY:dE8JCBA0zoujZqwzWVYfjuk8IaAa7ZY
Malware Config
Signatures
  Unsigned PE (1 IoC): Checks for missing Authenticode signature.
    resource: 2aa74405e5a476f740769f9a154ca700_JaffaCakes118
Files
  2aa74405e5a476f740769f9a154ca700_JaffaCakes118.exe  windows:4  windows x86  arch:x86
  64a826dcc1170a4193e709370f7f5471

Headers
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LINE_NUMS_STRIPPED | IMAGE_FILE_LOCAL_SYMS_STRIPPED | IMAGE_FILE_32BIT_MACHINE

Imports
  kernel32: ExitProcess, GetVersionExA, VirtualProtect, lstrlenA, GetCommandLineA
  user32: GetWindowTextA, IsCharLowerA, RemoveMenu, DrawTextExW, TileWindows, ValidateRgn, SetWindowsHookExW, IsWindowUnicode, GetAncestor, CopyAcceleratorTableA, GetKeyNameTextW, EmptyClipboard, OemKeyScan, GetDlgItem, CreateAcceleratorTableA, GetWindowInfo, ToUnicode, SetMenuDefaultItem, MonitorFromWindow, CharUpperBuffA, GetWindowDC, WindowFromDC, GetKeyboardLayoutList, EnableMenuItem, TrackPopupMenu, UnhookWinEvent, mouse_event, MoveWindow, InsertMenuW, GetClassInfoExW, PeekMessageA, CreateWindowExW, PeekMessageW, GetClassInfoW, EnableWindow, DispatchMessageA, CreateIconIndirect, DestroyCursor, SetWindowWord, PostMessageA, DialogBoxParamW, LoadCursorA, EndMenu, ActivateKeyboardLayout, SetKeyboardState, GetWindowThreadProcessId
  gdi32: GetPolyFillMode, CopyMetaFileA, SetAbortProc, CreateDiscardableBitmap, PolyPolyline, AddFontResourceW, GetCurrentObject, CreatePatternBrush
  comdlg32: ReplaceTextA, GetSaveFileNameA, GetOpenFileNameA, CommDlgExtendedError
  advapi32: CryptReleaseContext, CreateServiceW, ReportEventW, RegSetValueW, RegFlushKey, AccessCheckAndAuditAlarmW, SetKernelObjectSecurity, SetPrivateObjectSecurity, OpenProcessToken, CryptImportKey, ImpersonateLoggedOnUser, MapGenericMask, ObjectCloseAuditAlarmW, CryptEncrypt, InitializeSid, BuildTrusteeWithNameW, QueryServiceConfigW, CryptCreateHash, CryptGetHashParam, LockServiceDatabase, LookupPrivilegeValueW, CreateProcessAsUserA, RegDeleteValueA, RegRestoreKeyW, RegCreateKeyExA, RegOpenKeyA, GetSecurityDescriptorControl, CryptGenKey, AbortSystemShutdownA, GetSecurityDescriptorLength, RegQueryValueExW
  oleaut32: LoadTypeLi, QueryPathOfRegTypeLi, SafeArrayUnaccessData, VariantChangeType
  comctl32: ImageList_Duplicate, ImageList_SetDragCursorImage, ImageList_DragShowNolock
  shlwapi: PathCanonicalizeW, StrCpyNW, StrDupW, AssocQueryKeyW, SHStrDupW, SHRegGetBoolUSValueA, PathUnquoteSpacesA, UrlCanonicalizeW, PathRelativePathToW, PathCombineA, PathRemoveBackslashW, PathParseIconLocationW, UrlCombineW, SHEnumValueW, SHDeleteKeyW, PathIsURLW, StrCmpNW, StrStrW, StrCmpIW
  setupapi: SetupDiEnumDeviceInterfaces, SetupDiGetClassDescriptionW, SetupDiCallClassInstaller, SetupTermDefaultQueueCallback, SetupDiSetSelectedDriverA, SetupIterateCabinetW, SetupDiClassNameFromGuidExA, SetupDiCreateDeviceInfoList, SetupInstallServicesFromInfSectionA, SetupDiOpenDevRegKey

Sections
  .text   Size: 280KB  Virtual size: 279KB  Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
  .rdata  Size: 4KB    Virtual size: 3KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
  .data   Size: 28KB   Virtual size: 27KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE