443a2d3cc48053c2f8aac9e42c44dfa1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

443a2d3cc48053c2f8aac9e42c44dfa1_JaffaCakes118
Size

684KB
MD5

443a2d3cc48053c2f8aac9e42c44dfa1
SHA1

2c1413a4c6dcd3a2795256ea9ec2b7c3bdba2576
SHA256

8a0bf413fbf5eb72c6f11b3ad5173d77f209a531135b82654a2d832303853535
SHA512

19ef080215b635d14310d8f86f86eb9483e62348a30de51c2aba28f9a73e5364bb518cad8cbfdb55a8ea9acd5b1311aa5f115c7cb1eed17ed5dc738e8b411dfe
SSDEEP

12288:BYqeQm4s5dQxjapoYvorZnn8vyFtfnkoj8t8y/Eico1ju6PZne:6oLsYx2+VZnnd/fko8AoEwe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
443a2d3cc48053c2f8aac9e42c44dfa1_JaffaCakes118

Files

443a2d3cc48053c2f8aac9e42c44dfa1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa56473c0e2c50b77cfb5762b244b43d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetSystemTime
ExitProcess
ReadFile
WriteProcessMemory
GetTempFileNameA

user32

GetWindowTextA
TranslateAcceleratorA
DrawIcon
SetWindowsHookW
GetKeyboardType
SetMenuInfo
SetProcessWindowStation
GetUserObjectInformationW
EmptyClipboard
DefFrameProcA
keybd_event
OpenIcon
MonitorFromWindow
CreateDialogParamW
GetTopWindow
SendMessageCallbackW
CharNextA
RemovePropA
mouse_event
GetMenuState
FillRect
FindWindowW
DrawEdge
DestroyCursor
wvsprintfA
SetLastErrorEx
GetMenuItemCount
PostQuitMessage
ReleaseCapture
GetDC
LoadImageA
IntersectRect
InflateRect
SetWindowPlacement
TileWindows
DrawStateW
LoadAcceleratorsW
SetForegroundWindow
ChangeMenuW
IsIconic
IsCharAlphaA
SetActiveWindow
LoadKeyboardLayoutA
GetKeyboardLayout
GrayStringW
CharPrevA
WinHelpA
OemKeyScan
OemToCharBuffA
GetClipboardFormatNameA
SetCapture
LockWindowUpdate
TranslateMDISysAccel
SetRectEmpty

gdi32

PolyPolyline
MaskBlt
GetBitmapBits
GetClipRgn
CreateMetaFileW
SetPolyFillMode
GetFontData
PolyDraw
SetGraphicsMode
SetTextColor
SetTextAlign
Escape
CreatePenIndirect
GetObjectType
GetTextExtentExPointA
GetTextCharsetInfo

advapi32

SetNamedSecurityInfoA
SetThreadToken
RegNotifyChangeKeyValue
RegSetValueExW
ImpersonateSelf

shell32

Shell_NotifyIconA
SHLoadInProc
SHAddToRecentDocs
ShellExecuteA
SHChangeNotify
FindExecutableW

ole32

WriteClassStg
CoMarshalInterThreadInterfaceInStream
CoDisconnectObject
StgSetTimes
CoSwitchCallContext
OleInitialize

shlwapi

PathRemoveFileSpecA
SHDeleteValueW
StrCatW
AssocQueryKeyW
PathGetDriveNumberA
StrChrW
PathCommonPrefixW
StrToIntExW
UrlApplySchemeW
StrCpyW
wvnsprintfW
SHAutoComplete
PathAppendW
SHRegGetUSValueW
SHRegQueryUSValueW

Sections

.text
Size: 2KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa56473c0e2c50b77cfb5762b244b43d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 2KB - Virtual size: 219KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 311KB - Virtual size: 310KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 219KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 311KB - Virtual size: 310KB

.rsrc
Size: 17KB - Virtual size: 16KB