6887c5ff16c5907e7e74441609474087_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6887c5ff16c5907e7e74441609474087_JaffaCakes118
Size

252KB
MD5

6887c5ff16c5907e7e74441609474087
SHA1

99127b080796ec15d8c1b919bef5818a64d4a7fb
SHA256

18af2d9727cebca1ecad3b4e8620bac5f9a94cf0b279edf402df5fb018421f55
SHA512

35bb6a2b8b93a46f611747a79efff9b970b6113ecde0fc97ffaa555421c5fb2f0fe49b7fcc9d09993ebb76621854725b03fdfdc80ad105ab59e5c826d12e06db
SSDEEP

6144:Y27xe8G7HX5C0qhniarJg+iAYu7pqUtb0vuhB0Td/ToJrASFFrLjZE85:YI9GjXshnisiZu1q3WhB0CZDFJN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6887c5ff16c5907e7e74441609474087_JaffaCakes118

Files

6887c5ff16c5907e7e74441609474087_JaffaCakes118
.exe windows:7 windows x86 arch:x86

853cbf5a4c8733687394226d092e2d3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateEventW
VirtualAlloc
MulDiv
GlobalDeleteAtom
CancelWaitableTimer
GetCurrentThread
SetPriorityClass
SetProcessShutdownParameters
SetWaitableTimer
EnterCriticalSection
InterlockedIncrement
VirtualFree
SetPriorityClass
CreateWaitableTimerW
SetThreadPriority
GetTickCount
GetSystemDirectoryW
GetProcAddress
GetTickCount
QueryPerformanceCounter
CloseHandle
GetCurrentThreadId
CloseHandle
GetStartupInfoW
CreateFileW
CreateFileMappingW
ReleaseMutex
QueueUserAPC
OpenProcess
CreateMutexW
GetProcessWorkingSetSize

user32

GetAncestor
GetDC
MoveWindow
PostMessageW
CloseDesktop
GetDesktopWindow
EnumDisplaySettingsW
MonitorFromPoint
GetUserObjectInformationW
SetThreadDesktop
IntersectRect
CharNextW
CreateWindowExW
GetSysColor
GetSystemMetrics
DefWindowProcW
DrawIconEx
GetWindowLongW
EnumDisplayMonitors
PtInRect
OpenInputDesktop
FillRect
RegisterDeviceNotificationW
GetClientRect
OpenDesktopW
SetWindowLongW
UnhookWindowsHookEx

ole32

CoTaskMemFree
CoTaskMemAlloc

advapi32

RegCreateKeyExW
RegQueryValueExW
RegCloseKey
InitializeSecurityDescriptor
RegOpenKeyExA
GetLengthSid
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegEnumKeyW
GetTokenInformation

msvcrt

__dllonexit
_beginthreadex
_controlfp
malloc
free
wcsstr
wcstol
_cexit
_XcptFilter
_vsnwprintf
_wcsicmp
exit

atl

ord16
ord30
ord18
ord23
ord57
ord20

hid

HidP_GetSpecificValueCaps
HidP_GetSpecificButtonCaps
HidD_FreePreparsedData
HidD_GetHidGuid
HidD_GetProductString
HidP_GetUsageValue
HidP_MaxUsageListLength

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
DeleteDC
CreateSolidBrush

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

853cbf5a4c8733687394226d092e2d3e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

advapi32

msvcrt

atl

hid

gdi32

Sections

.text Size: 173KB - Virtual size: 173KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 5KB - Virtual size: 572KB

.text
Size: 173KB - Virtual size: 173KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 5KB - Virtual size: 572KB