31e30470ba81fb7fa6cd81c942fa3dd9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31e30470ba81fb7fa6cd81c942fa3dd9_JaffaCakes118
Size

252KB
MD5

31e30470ba81fb7fa6cd81c942fa3dd9
SHA1

8de1279edf8579fb475782d459eb5b4fea66e84f
SHA256

1a4c67116ba6e2cf8a2337e524ae3f99c22df68def692f288bb3e7e9ff883348
SHA512

85232fdf315e92da2804e3f5fb4e6451c1f88dc9c537e45b89edf2c7a2229cc5724d321c73d1e644036e36ec42c8da8bebd28bc9c87ae739dacc81d616e1b1e4
SSDEEP

6144:73mngbpIcmwT5DTptIc1a2JI+8lP8kkbPe8hYM:7ucT5PpSJ2AlP87hSM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31e30470ba81fb7fa6cd81c942fa3dd9_JaffaCakes118

Files

31e30470ba81fb7fa6cd81c942fa3dd9_JaffaCakes118
.exe windows:6 windows x86 arch:x86

df679e12f20b462913b7f8daad253083

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

hid

HidD_FreePreparsedData
HidD_GetProductString
HidP_GetUsageValue
HidD_GetAttributes
HidD_GetPreparsedData
HidD_GetHidGuid
HidP_MaxUsageListLength
HidP_GetSpecificValueCaps

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiGetClassDevsExW

user32

DestroyWindow
SetCursorPos
IntersectRect
SendInput
MonitorFromPoint
DispatchMessageW
GetSysColorBrush
OpenDesktopW
GetWindowLongW
LoadImageW
PostThreadMessageW
CallNextHookEx
MoveWindow
ShowWindow
DefWindowProcW
DrawIconEx
InflateRect
GetMonitorInfoW
GetThreadDesktop
SetWindowsHookExW
GetSystemMetrics
GetAncestor
CreateWindowExW
EnumDisplayMonitors
EnumDisplaySettingsW
DestroyIcon
ClientToScreen
MonitorFromWindow
EqualRect
CharNextW
SetThreadDesktop
SetWindowLongW
GetSysColor
PtInRect
FillRect

advapi32

SetSecurityDescriptorDacl
GetLengthSid
SetSecurityDescriptorGroup
RegOpenKeyExA
RegCloseKey
OpenThreadToken
RegOpenKeyW
CopySid
RegOpenKeyExW
SetSecurityDescriptorOwner

msvcrt

__wgetmainargs
__p__commode
_wcsicmp
_initterm
??3@YAXPAX@Z
exit
_itow
_c_exit
__CxxFrameHandler
wcsstr
__dllonexit
_cexit
_onexit
__set_app_type
_beginthreadex
fclose
_vsnwprintf
_adjust_fdiv
wcscmp
_controlfp
_XcptFilter
__setusermatherr
__p__fmode

atl

ord57
ord32
ord44
ord20
ord18
ord23
ord16
ord43

gdi32

DeleteObject
CreateCompatibleBitmap

kernel32

InitializeCriticalSection
VerifyVersionInfoW
GetTickCount
VirtualAlloc
HeapAlloc
MulDiv
GetLastError
WaitForMultipleObjects
LoadLibraryW
CancelIo
InterlockedDecrement
VirtualFree
GetModuleHandleA
CompareStringW
GlobalAddAtomW
GetProcessHeap
GetCommandLineW
WaitForSingleObject
CloseHandle
CreateFileW
HeapFree
MapViewOfFile
CloseHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
QueryPerformanceCounter
GetSystemDirectoryW
GetProcessWorkingSetSize
SetPriorityClass
SetProcessShutdownParameters
CreateFileMappingW
SetWaitableTimer
GetCurrentThread
SetThreadExecutionState

ole32

CoTaskMemAlloc
CoUninitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df679e12f20b462913b7f8daad253083

Headers

DLL Characteristics

File Characteristics

Imports

hid

setupapi

user32

advapi32

msvcrt

atl

gdi32

kernel32

ole32

Sections

.text Size: 189KB - Virtual size: 189KB

.data Size: 56KB - Virtual size: 56KB

.rsrc Size: 5KB - Virtual size: 568KB

.text
Size: 189KB - Virtual size: 189KB

.data
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 5KB - Virtual size: 568KB