69f4afa0e9416929faf7e7cfd5043b7e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

69f4afa0e9416929faf7e7cfd5043b7e_JaffaCakes118
Size

283KB
MD5

69f4afa0e9416929faf7e7cfd5043b7e
SHA1

7774a4677251fd42dca5b7e036fe2a38e722330c
SHA256

a8ab6b10dca86aae22695763da5407b0e09d90fb58588ffcb84207469cae99c7
SHA512

9a4be224258b28d898fc7f0cba237d16b873ff7b28d0ce1b40792b4821fabab8c7d1685adca19bfba0269883e1c4fbab57368f029da6ba98a6bd3bca5c7854bf
SSDEEP

6144:8AR2yMc7Aogde44yCfoEyah2u1ZarBqBtgcmnhHQ48nAUNDt:lL+3XFCfn18BytgcWhHyrR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69f4afa0e9416929faf7e7cfd5043b7e_JaffaCakes118

Files

69f4afa0e9416929faf7e7cfd5043b7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c35b454a7480949cbbcc0599dee18dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
GetTickCount
GetCurrentProcess
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
HeapCreate
ExitProcess
GetModuleFileNameA
GetEnvironmentStringsW
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
lstrcmpA
GetProcAddress

user32

GetSystemMetrics
DestroyMenu
RegisterClassExW
PostMessageW
SetWindowLongW
UpdateLayeredWindow
SendDlgItemMessageW
IsChild
GetKeyboardType
LoadMenuIndirectA
InsertMenuA
MessageBoxIndirectA
GetClassInfoExW
AdjustWindowRect
EndMenu
RegisterClassA
SetDlgItemTextA
wvsprintfA
TrackPopupMenuEx
GetDlgItemTextA
ShowCaret
ActivateKeyboardLayout
EndDialog
MessageBeep
mouse_event
UnregisterClassA
wsprintfW
AppendMenuW
CreatePopupMenu
GetAsyncKeyState
GetSysColor
CreateWindowExA
GetMenuItemInfoA
GetDesktopWindow
GetMenuStringA
AppendMenuA
GetSysColorBrush
GetMenu

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW

polstore

IPSecFreePolStr
IPSecEnumFilterData
IPSecDeleteFilterData
IPSecAssignPolicy
IPSecFreeFilterData
IPSecFreeMulNegPolData
IPSecCreateNFAData
IPSecSetFilterData

gdi32

GetTextExtentPointW
CreateEllipticRgn
RemoveFontResourceA
DeleteObject
RemoveFontResourceExA
CreateHatchBrush
ExtCreateRegion
CreateMetaFileW
CreateDIBPatternBrushPt
CreateBrushIndirect

dinput8

DirectInput8Create

Sections

.icode
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qhb
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.R
Size: 2KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 104KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.T
Size: 4KB - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 108KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PHvD
Size: 4KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t
Size: 2KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c35b454a7480949cbbcc0599dee18dd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

polstore

gdi32

dinput8

Sections

.icode Size: 10KB - Virtual size: 9KB

.text Size: 11KB - Virtual size: 11KB

.qhb Size: 512B - Virtual size: 37KB

.rdata Size: 3KB - Virtual size: 13KB

.R Size: 2KB - Virtual size: 207KB

.edata Size: 104KB - Virtual size: 171KB

.T Size: 4KB - Virtual size: 816KB

.data Size: 8KB - Virtual size: 370KB

.edata Size: 108KB - Virtual size: 190KB

.PHvD Size: 4KB - Virtual size: 367KB

.t Size: 2KB - Virtual size: 241KB

.rsrc Size: 25KB - Virtual size: 24KB

.icode
Size: 10KB - Virtual size: 9KB

.text
Size: 11KB - Virtual size: 11KB

.qhb
Size: 512B - Virtual size: 37KB

.rdata
Size: 3KB - Virtual size: 13KB

.R
Size: 2KB - Virtual size: 207KB

.edata
Size: 104KB - Virtual size: 171KB

.T
Size: 4KB - Virtual size: 816KB

.data
Size: 8KB - Virtual size: 370KB

.edata
Size: 108KB - Virtual size: 190KB

.PHvD
Size: 4KB - Virtual size: 367KB

.t
Size: 2KB - Virtual size: 241KB

.rsrc
Size: 25KB - Virtual size: 24KB