63aac01e126c4ac58f074c7140501d8c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63aac01e126c4ac58f074c7140501d8c_JaffaCakes118
Size

555KB
MD5

63aac01e126c4ac58f074c7140501d8c
SHA1

1664a9dae2adfe814709a07aa65d698f0964a661
SHA256

0f863138e5776e3bc0b8bf5cce8f26b2ee62b7bdd7ab0edf8c50abfd616fb598
SHA512

1c2c915b95e500eef2a3e468d88a934559be60a4ed03e336d4fcd70f750aad00b8546fe6415afd6ab9f3aeda988791351310995ee44c1b4b74c31850bbfedd0d
SSDEEP

12288:XdcRDhTejRjZoPxbXJnkugOASsRCQR6q3SlXlHWQNRowbMuFpLMUvNX:AD9elKPbkWA1RCQNS3jpLMUvh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63aac01e126c4ac58f074c7140501d8c_JaffaCakes118

Files

63aac01e126c4ac58f074c7140501d8c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2aae93aaced6c2b2da9b8d4ca71f2acb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
EnumCalendarInfoW
ScrollConsoleScreenBufferA
GetLogicalDriveStringsA
GetThreadContext
FormatMessageW
LocalSize
GetUserDefaultLangID
GetProfileStringA
GetSystemTime
SystemTimeToFileTime
FindFirstFileExW
DosDateTimeToFileTime
GetUserDefaultLCID
GetThreadPriority
DuplicateHandle
FindResourceExW
CancelIo
WaitNamedPipeA
GlobalReAlloc
VirtualQueryEx
PulseEvent
_hread
FindFirstFileW
VirtualAlloc
GetShortPathNameA
GetSystemDefaultLangID
SetFileTime
AreFileApisANSI
OutputDebugStringA
GetOEMCP
GetSystemDirectoryW
ClearCommBreak
GlobalAddAtomA
GetModuleFileNameW
GetFileInformationByHandle
GetTickCount
OpenFile
GetProcessHeap
GetPrivateProfileStringW
FreeEnvironmentStringsA
RemoveDirectoryW
GenerateConsoleCtrlEvent
SetErrorMode
GetConsoleMode
CreateNamedPipeW
GlobalFlags
QueryDosDeviceA
GetWindowsDirectoryA
SetStdHandle
ReadConsoleOutputA
Beep
SuspendThread
lstrcpynA
ExitProcess

version

VerFindFileA
GetFileVersionInfoSizeA
VerQueryValueA

user32

AdjustWindowRect
MessageBoxA
VkKeyScanW
DestroyAcceleratorTable
LoadKeyboardLayoutW
SubtractRect
EnumThreadWindows
BringWindowToTop
LoadBitmapA
GetWindowWord
GetWindowTextLengthA
WindowFromDC
GetProcessWindowStation
SetMenuInfo
ExcludeUpdateRgn
GetIconInfo
ChangeDisplaySettingsExA
CharLowerW
DialogBoxParamA
IsDlgButtonChecked
SetWindowLongA
SetMenuDefaultItem
UnhookWindowsHook
GetClipboardViewer
CascadeWindows
InsertMenuItemA
DrawAnimatedRects
IsCharAlphaNumericA
MoveWindow
LoadMenuIndirectA
GetKeyboardType

advapi32

IsTextUnicode
RegCreateKeyW
EnumDependentServicesA
ObjectDeleteAuditAlarmW
GetSecurityDescriptorSacl
StartServiceCtrlDispatcherW
RegEnumKeyA
CryptGetProvParam
RegSetValueExA

gdi32

SetBkMode
MoveToEx
SetPolyFillMode
SetTextColor
SetViewportExtEx
PathToRegion
SetDIBColorTable
SetTextCharacterExtra

oleaut32

SafeArrayCreate

Sections

.text
Size: 2KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2aae93aaced6c2b2da9b8d4ca71f2acb

Headers

File Characteristics

Imports

kernel32

version

user32

advapi32

gdi32

oleaut32

Sections

.text Size: 2KB - Virtual size: 217KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 247KB - Virtual size: 246KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 2KB - Virtual size: 217KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 247KB - Virtual size: 246KB

.rsrc
Size: 16KB - Virtual size: 15KB