2c4d9cae53b6d57c237f5bb95de64543_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c4d9cae53b6d57c237f5bb95de64543_JaffaCakes118
Size

279KB
MD5

2c4d9cae53b6d57c237f5bb95de64543
SHA1

0f9af6e3d8b48a361e20a26beaf281253ceb5fa0
SHA256

99c51bc408bbc3a733a733c0f8bd946ed4123ffeab5829cf9f96c628debe0eda
SHA512

cb6bdcf38dc74941d5b9556ea78a6dada2e311ae48a0709ddcf23fc1e6cf7f070a0d977f1ef02e9ceb61fc83f4d879aaf902651ea4b3cffd0a8fe84278c02912
SSDEEP

6144:Jy7YkgLp14s8I3FLdJM231R/1nhVRYD7mcr:JQ7gLp/5fv/cScr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c4d9cae53b6d57c237f5bb95de64543_JaffaCakes118

Files

2c4d9cae53b6d57c237f5bb95de64543_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2c27d27dcaa4ec4c7657f7f61fb45f6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiOpenDevRegKey
SetupDiGetClassDevsExW
SetupDiGetDeviceInterfaceDetailW

hid

HidP_GetSpecificButtonCaps
HidP_GetSpecificValueCaps
HidD_GetHidGuid
HidD_FreePreparsedData
HidP_GetUsages
HidD_GetPreparsedData
HidD_GetAttributes
HidP_GetCaps

msvcrt

swscanf
wcstol
malloc
__setusermatherr
fputws
_initterm
_CxxThrowException
wcslen
?terminate@@YAXXZ
??2@YAPAXI@Z
exit
_cexit
__set_app_type
free
__p__commode
_exit
_wfopen
_adjust_fdiv
_ftol
_wcmdln
_controlfp
wcsstr
wcscmp
_c_exit
__dllonexit
??1type_info@@UAE@XZ
_onexit
_CIpow
wcscpy

kernel32

HeapAlloc
WaitForMultipleObjectsEx
EnterCriticalSection
GetProcessHeap
FreeLibrary
CreateEventW
VirtualAllocEx
CreateWaitableTimerW
SetPriorityClass
GetCurrentProcess
GetTickCount
LeaveCriticalSection
SetPriorityClass
lstrlenW
ReleaseMutex
OpenProcess
GetProcessShutdownParameters
CreateFileMappingW
CancelWaitableTimer
DeleteCriticalSection
QueryPerformanceCounter
GlobalDeleteAtom
LoadLibraryW
MulDiv
ResetEvent
GetLastError
UnmapViewOfFile
GlobalAddAtomW
InitializeCriticalSection
WaitForSingleObject
CloseHandle
GetOverlappedResult
GetSystemDirectoryW
GetProcAddress
VirtualFree

gdi32

CreateSolidBrush
DeleteDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
CreateCompatibleDC

atl

ord17
ord23
ord57
ord30
ord18
ord43

ole32

CoTaskMemAlloc
CoUninitialize
CoTaskMemFree

advapi32

RegSetValueW
RegOpenKeyExW
CopySid
SetSecurityDescriptorGroup
RegOpenKeyW
RegCreateKeyExW
OpenThreadToken
InitializeSecurityDescriptor
RegOpenKeyExA
GetLengthSid
RegCreateKeyW

user32

LoadStringW
MonitorFromPoint
GetDesktopWindow
DispatchMessageW
SetWindowsHookExW
UnhookWindowsHookEx
FillRect
CallWindowProcW
GetSystemMetrics
GetThreadDesktop
PostThreadMessageW
MonitorFromWindow
UnregisterDeviceNotification
GetPropW
GetSysColor
GetClientRect
CallNextHookEx
ReleaseDC
CharNextW
EnumDisplayMonitors
DrawIconEx
DefWindowProcW
DestroyIcon
MoveWindow
UpdateLayeredWindow
SystemParametersInfoW
OpenInputDesktop
GetDoubleClickTime
ClientToScreen

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c27d27dcaa4ec4c7657f7f61fb45f6e

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

hid

msvcrt

kernel32

gdi32

atl

ole32

advapi32

user32

Sections

.text Size: 169KB - Virtual size: 169KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 33KB - Virtual size: 548KB

.text
Size: 169KB - Virtual size: 169KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 33KB - Virtual size: 548KB