3f7a02c9442c8a5b6b73ff28a8c3e44d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f7a02c9442c8a5b6b73ff28a8c3e44d_JaffaCakes118
Size

253KB
MD5

3f7a02c9442c8a5b6b73ff28a8c3e44d
SHA1

b0722e1d34dc88ab06cc5b7e7d97dd8a498acf4c
SHA256

04e99e278b25c427d704d6660f945a5e53014982855ed64f93d19c526a7f5e68
SHA512

6c242f1dbb63ea8586356a26a1e24cc626e31e5ab5f0d2bde9d6fd9e1047a67e5b6d8f35f55d13c0a71b58576ae77527642099eaf7d21297f4e7a1e4d57d7926
SSDEEP

3072:DaSh7D7ktA9SWq5TwnVW2BlnOfJcrhfiF7iH7sD/wVrVZsqTFzpA0tOojB5s03hb:jbkgx82eShqligDW/yAOotdhk/wB7DeS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f7a02c9442c8a5b6b73ff28a8c3e44d_JaffaCakes118

Files

3f7a02c9442c8a5b6b73ff28a8c3e44d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2128f7888f2c622b637401702af2fa3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateEventW
FreeLibrary
RemoveDirectoryW
GetTempPathW
GetTempFileNameW
lstrcpynW
GetModuleHandleW
lstrlenA
lstrlenW
OpenEventW
CompareFileTime
CreateMutexW
ExpandEnvironmentStringsA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
lstrcatW
lstrcmpW
GetLocalTime
ExpandEnvironmentStringsW
lstrcpynA
SystemTimeToFileTime
FileTimeToSystemTime
GetTimeFormatW
GetDateFormatW
GetVolumeInformationW
GetSystemDirectoryW
GetWindowsDirectoryW
LocalAlloc
LocalFree
CreateDirectoryW
LoadLibraryA
GetProcAddress

user32

GetForegroundWindow
GetActiveWindow
MessageBoxW
MoveWindow
GetTopWindow
RegisterWindowMessageW
SetTimer
LoadCursorW
GetSystemMetrics
LoadIconW
CopyRect
GetSysColor
PeekMessageW
IsWindow
EnumWindows
PostMessageW
GetCursorPos
DestroyIcon
GetFocus
InvalidateRect
LoadMenuW
GetSubMenu
EnableMenuItem
CheckMenuItem
OffsetRect
SetWindowPos
LoadImageW
SendMessageW
EnableWindow

gdi32

CreatePatternBrush
DeleteObject
CreateSolidBrush
CreatePen
CreateRectRgn
GetStockObject
CreateCompatibleDC
CreateFontIndirectW

advapi32

AddAccessAllowedAce
RegOpenKeyExA
RegQueryValueExA
QueryServiceConfigW
ChangeServiceConfigW
DeleteService
ControlService
OpenServiceW
StartServiceW
QueryServiceStatus
OpenSCManagerW
CreateServiceW
CloseServiceHandle
LookupPrivilegeValueW
AdjustTokenPrivileges
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
FreeSid
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
SetSecurityDescriptorDacl
RevertToSelf
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
GetUserNameW

shell32

ShellExecuteW
ShellExecuteExW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocStringLen
SysFreeString

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

uxtheme

GetThemeFont
GetThemeBackgroundExtent
GetThemeSysBool
GetThemeInt
GetThemeColor
GetCurrentThemeName
GetThemeBool

certmgr

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllInstall

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Mvf
Size: 1024B - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ouxdt
Size: 3KB - Virtual size: 563KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hOC
Size: 74KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.U
Size: 5KB - Virtual size: 895KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hUG
Size: 2KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qlxfk
Size: 512B - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ij
Size: 138KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2128f7888f2c622b637401702af2fa3b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

uxtheme

certmgr

Sections

.text Size: 15KB - Virtual size: 14KB

.Mvf Size: 1024B - Virtual size: 118KB

.ouxdt Size: 3KB - Virtual size: 563KB

.rdata Size: 4KB - Virtual size: 45KB

.hOC Size: 74KB - Virtual size: 115KB

.U Size: 5KB - Virtual size: 895KB

.hUG Size: 2KB - Virtual size: 575KB

.data Size: 6KB - Virtual size: 281KB

.Qlxfk Size: 512B - Virtual size: 53KB

.ij Size: 138KB - Virtual size: 139KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 14KB

.Mvf
Size: 1024B - Virtual size: 118KB

.ouxdt
Size: 3KB - Virtual size: 563KB

.rdata
Size: 4KB - Virtual size: 45KB

.hOC
Size: 74KB - Virtual size: 115KB

.U
Size: 5KB - Virtual size: 895KB

.hUG
Size: 2KB - Virtual size: 575KB

.data
Size: 6KB - Virtual size: 281KB

.Qlxfk
Size: 512B - Virtual size: 53KB

.ij
Size: 138KB - Virtual size: 139KB

.rsrc
Size: 2KB - Virtual size: 2KB