44e3bd972337842562352af27a0789f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

44e3bd972337842562352af27a0789f2_JaffaCakes118
Size

92KB
MD5

44e3bd972337842562352af27a0789f2
SHA1

920c7bb8b63ef1db2654398b31532157708774d3
SHA256

65d3a7c6a1e5be10b82d04551e32a6042caf800f262f49544a4b4771e5e3a989
SHA512

560d86cc12f55c313a145fb951d527dcb26477c7a45b485930e2168ca2da0e729974c286398e17e0cf1005556df42293fb422324205ba663436c55ff6f21ee62
SSDEEP

1536:hmPURyl7jCtfA6VuMVUOJnqQ5JgF7YEQmgo59ZODChKlRMPKlg2j9oH78:hQUR86tfA6VvVUop5CjI82DChKlyy2b8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44e3bd972337842562352af27a0789f2_JaffaCakes118

Files

44e3bd972337842562352af27a0789f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b3c1d60d817929885e10be6a6a1d67bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInGetNumDevs
waveInGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetID
mixerGetDevCapsA
mixerClose

user32

TranslateMessage
TrackPopupMenu
SystemParametersInfoA
ShowWindow
SetForegroundWindow
SendMessageA
ReleaseDC
RegisterClassA
PostQuitMessage
PostMessageA
LoadStringA
LoadImageA
LoadIconA
LoadCursorA
InsertMenuItemA
GetWindow
GetSysColor
GetMessageA
GetMenuCheckMarkDimensions
GetDesktopWindow
GetDC
GetCursorPos
GetClassNameA
DispatchMessageA
DestroyMenu
DefWindowProcA
CreateWindowExA
CreatePopupMenu

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExA
RegSetKeySecurity
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
InitializeAcl
GetLengthSid
FreeSid
AllocateAndInitializeSid

setupapi

SetupDiSetClassInstallParamsA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller

kernel32

SetEvent
SearchPathA
RtlUnwind
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryA
LCMapStringA
HeapReAlloc
HeapFree
SetHandleCount
HeapCreate
HeapAlloc
GetVersionExA
GetVersion
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
HeapDestroy
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileType
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentProcess
GetCommandLineA
GetCPInfo
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
DeviceIoControl
ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetOEMCP

Sections

.text
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3c1d60d817929885e10be6a6a1d67bb

Headers

File Characteristics

Imports

winmm

user32

advapi32

setupapi

kernel32

Sections

.text Size: 78KB - Virtual size: 80KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.text
Size: 78KB - Virtual size: 80KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB