4adbfa86204cdc9485c375c2103af4ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4adbfa86204cdc9485c375c2103af4ec_JaffaCakes118
Size

324KB
MD5

4adbfa86204cdc9485c375c2103af4ec
SHA1

1eb86ce18549b06a6e7987cacb2d46bb35379e20
SHA256

68348117f1d797867dc09462bbac0eca5d43edba474cf4d0a9a71b251722eb96
SHA512

1b9565ad2f9a5d8daaa08f164db2afcaad29578a17b48fc750b174f249dacd48ce5ec03611c4cabb3c60994c10b0c481bce382fda18c47b60b71ad7aff7c764f
SSDEEP

6144:MaVlqBHScX9wzgRQSsjK/eayR9g+L7Qgb0Rzek2xihv:1lqBHSS9wURNsvaOmE7QO0RV2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4adbfa86204cdc9485c375c2103af4ec_JaffaCakes118

Files

4adbfa86204cdc9485c375c2103af4ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed703097654644e8a3e6e3611d4feb8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
VirtualProtect
FreeLibraryAndExitThread
GetTapeStatus
CreateMutexA
WaitNamedPipeA
ExpandEnvironmentStringsW
ExitProcess
SystemTimeToFileTime
GetDiskFreeSpaceW
SetNamedPipeHandleState
GetCommandLineA
lstrlenA

user32

RegisterClassA
IsCharUpperW
AppendMenuA
SetWindowsHookExW
EnumDisplaySettingsA
ShowOwnedPopups
GetDlgItem
DefDlgProcW
DefFrameProcW
GrayStringA
GetProcessDefaultLayout
SetCursorPos
GetWindowInfo
DrawTextW
GetWindowTextLengthA
GetClassLongW
CloseDesktop
GetAsyncKeyState
GetKeyboardLayoutNameA
IsDialogMessageA
DestroyIcon

gdi32

CreateDIBSection
GetTextCharsetInfo
CreateDIBitmap
CreateEllipticRgn

comdlg32

ChooseColorW

advapi32

BuildTrusteeWithSidW
GetSecurityDescriptorSacl
CryptGetHashParam
GetNamedSecurityInfoW

shell32

SHGetPathFromIDListA
FindExecutableA
ShellExecuteA
SHLoadInProc
SHChangeNotify

ole32

OleRegGetUserType

oleaut32

VariantCopy
SysStringLen
SafeArrayUnaccessData
SafeArrayGetElement
SetErrorInfo
VariantChangeType
SafeArrayGetLBound
SysFreeString

comctl32

ImageList_GetImageInfo

shlwapi

PathIsRelativeA
PathIsSameRootW
ChrCmpIW
PathGetDriveNumberW
StrCmpLogicalW
StrRChrW
PathSkipRootW
PathCanonicalizeA
PathCompactPathW
PathStripPathA
SHRegGetUSValueW
PathStripToRootA
SHDeleteKeyW

setupapi

SetupGetBinaryField
SetupOpenInfFileW
SetupDiSetDeviceRegistryPropertyA

Sections

kyokec
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

qsegag
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

wqkeeo
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

myswmso
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed703097654644e8a3e6e3611d4feb8a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

kyokec Size: 292KB - Virtual size: 289KB

qsegag Size: 4KB - Virtual size: 2KB

wqkeeo Size: 20KB - Virtual size: 18KB

myswmso Size: 4KB - Virtual size: 1KB

kyokec
Size: 292KB - Virtual size: 289KB

qsegag
Size: 4KB - Virtual size: 2KB

wqkeeo
Size: 20KB - Virtual size: 18KB

myswmso
Size: 4KB - Virtual size: 1KB