69746ca7315f8e456fdc5325e134da44_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69746ca7315f8e456fdc5325e134da44_JaffaCakes118
Size

84KB
MD5

69746ca7315f8e456fdc5325e134da44
SHA1

38e37ce026fbc542448150c615ff86bc6bfc1ed7
SHA256

aba860a6be926dad7088fe0e38e1458599602729157368515703fddeab8188fa
SHA512

1424a5d2940a7cc3bc510c11527ba3a44fce5c4bb5dda2e45a2cf851edc82d697aea86e4ee24a3b04c3946d2eccdae198ae52f5b9c00944382a109b8e58692c9
SSDEEP

1536:DgKcGIDnORPFKuiPqqhWJaW656W05oPtm5nrDqE2ONWWZPTdPZFuJl99QlE6Kq4s:DgtGUO0Pqqhmao5oPt6Dz2iWWBhZFuJa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69746ca7315f8e456fdc5325e134da44_JaffaCakes118

Files

69746ca7315f8e456fdc5325e134da44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7eee251ce8fac55ec18f97af3ad69fdd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BindIoCompletionCallback
CloseHandle
CompareStringW
CreateMailslotA
DebugActiveProcess
EndUpdateResourceW
EraseTape
ExitProcess
FindFirstChangeNotificationA
GetCalendarInfoW
GetCommandLineA
GetDefaultCommConfigW
GetEnvironmentStringsA
GetFileAttributesA
GetFileSizeEx
GetModuleHandleA
GetNamedPipeHandleStateA
GetProfileStringW
GetStartupInfoA
GetStringTypeExA
GetStringTypeExW
GetSystemDefaultLCID
GetUserDefaultLangID
GetVersionExA
GetVolumeNameForVolumeMountPointA
GlobalGetAtomNameW
HeapAlloc
HeapCreate
HeapFree
InitAtomTable
IsProcessorFeaturePresent
LocalSize
LockResource
MultiByteToWideChar
PulseEvent
SetCommTimeouts
SetLocalTime
SetMailslotInfo
SetThreadExecutionState
UnhandledExceptionFilter
UpdateResourceW
VirtualUnlock
_lopen
lstrcpynA

user32

ScrollWindowEx
SetClassLongA
ScreenToClient
ReleaseDC
RegisterWindowMessageA
PostQuitMessage
MsgWaitForMultipleObjects
IsZoomed
GetWindowDC
GetUpdateRgn
GetScrollInfo
GetFocus
GetCapture
EndPaint
EnableWindow
SetWindowLongA
SetWindowPos
UpdateWindow
EnableMenuItem
DrawFrameControl
DrawEdge
DefFrameProcA
CreateIconIndirect
CheckMenuRadioItem
BeginPaint
BeginDeferWindowPos
SetFocus

advapi32

OpenSCManagerW
QueryServiceConfig2A
ObjectCloseAuditAlarmA
LsaFreeMemory
InitiateSystemShutdownExW
EncryptFileW
ElfBackupEventLogFileA
DeregisterEventSource
CryptSignHashW
CryptGetKeyParam
CryptExportKey
CryptCreateHash
CryptAcquireContextA
CreateWellKnownSid
ConvertToAutoInheritPrivateObjectSecurity
ConvertStringSDToSDRootDomainA
ConvertSecurityDescriptorToAccessNamedA
CloseEncryptedFileRaw
AllocateLocallyUniqueId
AbortSystemShutdownA
QueryServiceConfig2W
StartServiceCtrlDispatcherW
RegReplaceKeyA
SetTraceCallback
SetAclInformation

olepro32

OleLoadPicture
OleCreateFontIndirect

oleacc

GetRoleTextA
GetStateTextW
ObjectFromLresult

security

VerifySignature
FreeContextBuffer
QueryContextAttributesA
QuerySecurityPackageInfoW

comctl32

ImageList_Write
CreateStatusWindowA
DrawStatusTextW
FlatSB_SetScrollProp
GetEffectiveClientRect
ImageList_BeginDrag
ImageList_DragLeave
ImageList_EndDrag
ImageList_GetImageRect
ImageList_SetIconSize
ImageList_SetImageCount
PropertySheetA

oledlg

OleUIAddVerbMenuA
OleUIAddVerbMenuW
OleUIInsertObjectA

comdlg32

ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
PrintDlgA
PrintDlgExW
ReplaceTextA
PrintDlgW

Sections

.text
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7eee251ce8fac55ec18f97af3ad69fdd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

olepro32

oleacc

security

comctl32

oledlg

comdlg32

Sections

.text Size: 52KB - Virtual size: 56KB

.data Size: 27KB - Virtual size: 28KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 56KB

.data
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB