6a222c89192a976583491b5f729a2bd8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a222c89192a976583491b5f729a2bd8_JaffaCakes118
Size

268KB
MD5

6a222c89192a976583491b5f729a2bd8
SHA1

15dba95397062a54988696d46210d1dac44dfa04
SHA256

5e15b734cd4810081e12c5f57c4cd7f8ba9da7081764bdf371fbf0f2ff5f619d
SHA512

2b602767b7bd13cde598a0b68a4637f850924b2ea882497ba3a1456263af19703c95b9015e481bf49813ad51d1334f2900e031ff939c574c2c78755e41f906e4
SSDEEP

6144:2EbQVmgmSY27iSsxGw0sRurWAHAGiwRWkouFjzMliDed:2YQVm7zSs2CuViCWluFPTDC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a222c89192a976583491b5f729a2bd8_JaffaCakes118

Files

6a222c89192a976583491b5f729a2bd8_JaffaCakes118
.exe windows:6 windows x86 arch:x86

92350215306c8cbb2ee6fd2e12b8d1b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

hid

HidD_GetHidGuid
HidP_GetSpecificValueCaps
HidP_GetUsages
HidD_GetAttributes

msvcrt

__p__fmode
_c_exit
_ftol
_itow
fputws
_controlfp
_wcsicmp
fclose
_exit
free
exit
malloc
_XcptFilter
_wcmdln
??1type_info@@UAE@XZ
wcscmp
_beginthreadex
__setusermatherr

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

user32

GetMessageW
EnumDisplaySettingsW
GetSystemMetrics
CharNextW
PostThreadMessageW
GetSysColorBrush
MonitorFromPoint
LoadStringW
CloseDesktop
GetPropW
GetDC
SendInput
GetSysColor
GetAncestor
ReleaseDC
UnregisterDeviceNotification
RegisterWindowMessageW
DestroyIcon
PtInRect
SetCursorPos
SetWindowLongW

gdi32

CreateCompatibleDC
DeleteDC
CreateSolidBrush
DeleteObject

atl

ord30
ord58
ord17
ord45
ord32
ord57

kernel32

VerSetConditionMask
CompareStringW
WaitForSingleObject
CreateMutexW
GetTickCount
SetWaitableTimer
GetCurrentProcess
VirtualFree
GetStartupInfoW
GetLastError
DeleteCriticalSection
GetTickCount
CloseHandle
ResetEvent
lstrlenW
GetCurrentThread
InterlockedDecrement
SetThreadExecutionState
SetProcessShutdownParameters
GetStdHandle
VerifyVersionInfoW
SetPriorityClass
OpenProcess
LoadLibraryW
VirtualAlloc
GetOverlappedResult
GetProcAddress
SetProcessShutdownParameters
ReadFile
GlobalAddAtomW
GlobalDeleteAtom
LeaveCriticalSection
MapViewOfFile
ReleaseMutex
CancelIo

ole32

CoTaskMemFree

advapi32

RegOpenKeyW
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
GetLengthSid
RegCreateKeyW
OpenThreadToken

Sections

.text
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92350215306c8cbb2ee6fd2e12b8d1b9

Headers

DLL Characteristics

File Characteristics

Imports

hid

msvcrt

setupapi

user32

gdi32

atl

kernel32

ole32

advapi32

Sections

.text Size: 213KB - Virtual size: 213KB

.data Size: 33KB - Virtual size: 32KB

.rsrc Size: 21KB - Virtual size: 572KB

.text
Size: 213KB - Virtual size: 213KB

.data
Size: 33KB - Virtual size: 32KB

.rsrc
Size: 21KB - Virtual size: 572KB