499dfeabcce1d118f8c2b58647415099_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

499dfeabcce1d118f8c2b58647415099_JaffaCakes118
Size

253KB
MD5

499dfeabcce1d118f8c2b58647415099
SHA1

d04b9ae678ff15e7358b06315fb3253a758562ec
SHA256

2c289f8156beb08ecb1df25f731e494df33e6a2bc1d3376b78457db8b0cb46a5
SHA512

35ba70868af58d564bd5b61e1ae54cbdc95a968a48f1ec6cc8ac8a0699ac97948849c677463b029972affef383d0e1b26c4cbe78292b3570a300cff09138a5f1
SSDEEP

3072:4aSh7D7ktA9SWq5TwnVW2BlnOfJcrhfiF7iH7sD/wVrVZsqTFzpA0tOojB5s03hb:Ubkgx82eShqligDW/yAOotdhk/wB7DeS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
499dfeabcce1d118f8c2b58647415099_JaffaCakes118

Files

499dfeabcce1d118f8c2b58647415099_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2128f7888f2c622b637401702af2fa3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateEventW
FreeLibrary
RemoveDirectoryW
GetTempPathW
GetTempFileNameW
lstrcpynW
GetModuleHandleW
lstrlenA
lstrlenW
OpenEventW
CompareFileTime
CreateMutexW
ExpandEnvironmentStringsA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
lstrcatW
lstrcmpW
GetLocalTime
ExpandEnvironmentStringsW
lstrcpynA
SystemTimeToFileTime
FileTimeToSystemTime
GetTimeFormatW
GetDateFormatW
GetVolumeInformationW
GetSystemDirectoryW
GetWindowsDirectoryW
LocalAlloc
LocalFree
CreateDirectoryW
LoadLibraryA
GetProcAddress

user32

GetForegroundWindow
GetActiveWindow
MessageBoxW
MoveWindow
GetTopWindow
RegisterWindowMessageW
SetTimer
LoadCursorW
GetSystemMetrics
LoadIconW
CopyRect
GetSysColor
PeekMessageW
IsWindow
EnumWindows
PostMessageW
GetCursorPos
DestroyIcon
GetFocus
InvalidateRect
LoadMenuW
GetSubMenu
EnableMenuItem
CheckMenuItem
OffsetRect
SetWindowPos
LoadImageW
SendMessageW
EnableWindow

gdi32

CreatePatternBrush
DeleteObject
CreateSolidBrush
CreatePen
CreateRectRgn
GetStockObject
CreateCompatibleDC
CreateFontIndirectW

advapi32

AddAccessAllowedAce
RegOpenKeyExA
RegQueryValueExA
QueryServiceConfigW
ChangeServiceConfigW
DeleteService
ControlService
OpenServiceW
StartServiceW
QueryServiceStatus
OpenSCManagerW
CreateServiceW
CloseServiceHandle
LookupPrivilegeValueW
AdjustTokenPrivileges
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
FreeSid
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
SetSecurityDescriptorDacl
RevertToSelf
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
GetUserNameW

shell32

ShellExecuteW
ShellExecuteExW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocStringLen
SysFreeString

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

uxtheme

GetThemeFont
GetThemeBackgroundExtent
GetThemeSysBool
GetThemeInt
GetThemeColor
GetCurrentThemeName
GetThemeBool

certmgr

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllInstall

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Mvf
Size: 1024B - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ouxdt
Size: 3KB - Virtual size: 563KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hOC
Size: 74KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.U
Size: 5KB - Virtual size: 895KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hUG
Size: 2KB - Virtual size: 575KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Qlxfk
Size: 512B - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ij
Size: 138KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2128f7888f2c622b637401702af2fa3b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

uxtheme

certmgr

Sections

.text Size: 15KB - Virtual size: 14KB

.Mvf Size: 1024B - Virtual size: 118KB

.ouxdt Size: 3KB - Virtual size: 563KB

.rdata Size: 4KB - Virtual size: 45KB

.hOC Size: 74KB - Virtual size: 115KB

.U Size: 5KB - Virtual size: 895KB

.hUG Size: 2KB - Virtual size: 575KB

.data Size: 6KB - Virtual size: 281KB

.Qlxfk Size: 512B - Virtual size: 53KB

.ij Size: 138KB - Virtual size: 139KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 14KB

.Mvf
Size: 1024B - Virtual size: 118KB

.ouxdt
Size: 3KB - Virtual size: 563KB

.rdata
Size: 4KB - Virtual size: 45KB

.hOC
Size: 74KB - Virtual size: 115KB

.U
Size: 5KB - Virtual size: 895KB

.hUG
Size: 2KB - Virtual size: 575KB

.data
Size: 6KB - Virtual size: 281KB

.Qlxfk
Size: 512B - Virtual size: 53KB

.ij
Size: 138KB - Virtual size: 139KB

.rsrc
Size: 2KB - Virtual size: 2KB