64744ed6aa272274a8b8390dbf0654f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64744ed6aa272274a8b8390dbf0654f2_JaffaCakes118
Size

288KB
MD5

64744ed6aa272274a8b8390dbf0654f2
SHA1

fc467965bb90ed04071ba6a314ca805936fa3bb7
SHA256

96f95770a752d140f584565a8a360213ac8900053ea622aec870b8bc1ccba4ae
SHA512

74f5e6550b5ca78a4fccdd2a84a1bc866161a88a260973eed40ac5736472cdcc114219cb632e8fe005a344ee201e8072d42ea354de1b17eb9e69dbf4c7746f04
SSDEEP

6144:XPvsaw7ZOgXQlx5ruFU0WVo9TYK1AC6abvGc5IU+:XPUaWZZU0WVsTYK1AC6abP+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64744ed6aa272274a8b8390dbf0654f2_JaffaCakes118

Files

64744ed6aa272274a8b8390dbf0654f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

13c2a1d8c5d9d4a8f7be8f3b15b8b281

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsDialogMessageW
InflateRect
GetUpdateRect
ModifyMenuW
CreateAcceleratorTableW
DialogBoxParamW
SendMessageTimeoutW
RegisterHotKey
GetKeyState
FillRect
TrackPopupMenu
SetMenuItemBitmaps
RemovePropW
CopyRect
SetCursor
AppendMenuW
RedrawWindow
WindowFromDC
SwitchToThisWindow
GetMenu
RemoveMenu
HiliteMenuItem
DestroyMenu
DeleteMenu
SetCursorPos
LoadStringW
SetMenuInfo
GetWindowLongA

gdi32

CreateDCW
SetDIBColorTable
PlayMetaFile
Ellipse
GetMetaFileA
CreateRectRgnIndirect
DeleteObject
SelectPalette
GetWindowOrgEx
GetPaletteEntries
Polygon
GetObjectW
RectVisible
GetFontData
CombineRgn
GetObjectA
ExcludeClipRect
CreateDiscardableBitmap
DrawEscape
SetBrushOrgEx
CreateFontIndirectA
GetTextMetricsA
ExtTextOutW

msvcrt

tmpnam
wcscspn
realloc
remove
isalnum
srand
fputc
strcpy
fwrite
tolower
memcpy
islower
calloc

comctl32

ImageList_Remove
ImageList_GetIconSize
ImageList_Read
PropertySheetW
ImageList_AddMasked
ImageList_Destroy
CreateToolbarEx
PropertySheetA
ImageList_LoadImageW
CreatePropertySheetPageW
ImageList_GetImageCount

crypt32

CryptProtectData
CryptHashPublicKeyInfo
CertFreeCertificateContext
CertFindCertificateInStore
CertOpenStore
CertCloseStore

kernel32

Sleep
CreateMutexW
LocalUnlock
GetCPInfoExW
SearchPathA
OpenMutexW
GetThreadTimes
CreateSemaphoreW
GetSystemInfo
SetLocaleInfoW
LoadLibraryExA
GetProcessAffinityMask
CreateWaitableTimerW
CreateMutexA
GetShortPathNameW
GetCommConfig
FindResourceW
HeapAlloc
HeapFree
lstrcpynW
WideCharToMultiByte
GetComputerNameW
EnumSystemLocalesA
GetStdHandle
WaitForSingleObject
GetTickCount
GetPrivateProfileStringW
GetProcessHeap
SetEndOfFile

winspool.drv

AddMonitorA
ConfigurePortA

Exports

Exports

_UnWcB_egi_mwp_Lh@16
_ZkB_bugeh_p@4
_EaTc_dyYn_og@16
_NjVjl_nxivV_xoq@16

Sections

.code
Size: 1024B - Virtual size: 283KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 694B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13c2a1d8c5d9d4a8f7be8f3b15b8b281

Headers

File Characteristics

Imports

user32

gdi32

msvcrt

comctl32

crypt32

kernel32

winspool.drv

Exports

Exports

Sections

.code Size: 1024B - Virtual size: 283KB

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 250KB - Virtual size: 250KB

.reloc Size: 1024B - Virtual size: 694B

.code
Size: 1024B - Virtual size: 283KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 250KB - Virtual size: 250KB

.reloc
Size: 1024B - Virtual size: 694B