Static task: static1
Behavioral task: behavioral1
Sample: 65e53daec0bc3596e16473923139c064_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 65e53daec0bc3596e16473923139c064_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 65e53daec0bc3596e16473923139c064_JaffaCakes118
Size: 248KB
MD5: 65e53daec0bc3596e16473923139c064
SHA1: 28cd7fdc2793022448b29840bfd6cd8613ae747a
SHA256: 282172e6817f5aa33c80a39dada6f0548f49e4597815eb5998706de4aac4aa7c
SHA512: f4adc97d2548adcce8b688b35640eb7a74ba65ffcc4f835a0d3e81a2aebe023aeacfc6f275f2673c81983024e8a4013b215f516ed257afe116b0f40fd82087af
SSDEEP: 6144:FSnB6U6VR4wisVRcRT3tZi0ou7KTeo053Ly9:FSB6LR4hRT3LMupA
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 65e53daec0bc3596e16473923139c064_JaffaCakes118
Files
65e53daec0bc3596e16473923139c064_JaffaCakes118.exe windows:4 windows x86 arch:x86
d1d04b27aa6ae81cf8833957802629ee
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
VirtualProtect
GetVolumeInformationW
RaiseException
FindFirstFileA
GetCompressedFileSizeW
GetEnvironmentStringsW
CreatePipe
FindResourceExA
GetFullPathNameA
OutputDebugStringW
GetPrivateProfileStringA
GetDriveTypeW
AreFileApisANSI
ReadFile
GetTempPathW
ExitProcess
GetCommandLineA
lstrlenA
VirtualAlloc
user32
EndDialog
AttachThreadInput
LoadImageW
SubtractRect
GetSystemMetrics
MapVirtualKeyExW
CreateAcceleratorTableA
GetSubMenu
SetWindowLongA
VkKeyScanA
HiliteMenuItem
GetNextDlgGroupItem
LoadMenuW
OpenWindowStationW
LoadBitmapW
GetMessageW
AppendMenuA
GetDialogBaseUnits
LoadImageA
ChangeDisplaySettingsA
OpenInputDesktop
SetUserObjectInformationW
IsDialogMessageA
PeekMessageA
ValidateRect
IsCharAlphaW
MapWindowPoints
wsprintfA
CreateDialogParamW
CountClipboardFormats
GetUserObjectSecurity
SendNotifyMessageW
CallWindowProcA
IsCharUpperW
IsCharUpperA
RegisterClipboardFormatW
GetDC
gdi32
CreateRectRgnIndirect
GetDIBColorTable
DescribePixelFormat
GetSystemPaletteEntries
EnumObjects
GetTextFaceA
EnumFontFamiliesExA
Pie
comdlg32
CommDlgExtendedError
FindTextA
PrintDlgW
advapi32
RegConnectRegistryA
LookupPrivilegeDisplayNameA
RegisterServiceCtrlHandlerW
RegQueryInfoKeyW
MakeAbsoluteSD
RegDeleteValueA
CryptEncrypt
AdjustTokenPrivileges
SetSecurityDescriptorGroup
IsValidSid
CopySid
GetSidLengthRequired
GetNamedSecurityInfoA
IsTextUnicode
GetServiceDisplayNameW
SetSecurityDescriptorDacl
RegEnumKeyExA
CryptDestroyHash
RegLoadKeyW
CryptGetProvParam
SetTokenInformation
IsValidSecurityDescriptor
RegSetValueExW
CryptSetProvParam
SetEntriesInAclA
CreateServiceW
LookupPrivilegeValueA
RegRestoreKeyW
ChangeServiceConfigW
shell32
FindExecutableW
SHLoadInProc
comctl32
ImageList_LoadImageW
DestroyPropertySheetPage
ImageList_GetDragImage
_TrackMouseEvent
shlwapi
PathCanonicalizeW
StrCpyW
StrCmpLogicalW
UrlCanonicalizeW
PathStripToRootW
SHRegWriteUSValueW
PathGetCharTypeW
PathParseIconLocationW
SHCreateStreamOnFileW
SHDeleteKeyA
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 232KB - Virtual size: 229KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE