6aacb9f5d28905eda4e397ce71d0e849_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6aacb9f5d28905eda4e397ce71d0e849_JaffaCakes118
Size

254KB
MD5

6aacb9f5d28905eda4e397ce71d0e849
SHA1

92a3a1bcec401596f01ab018b6229e8486688bde
SHA256

46816c6b2a3272c326f6379286e9eb46f8fc7770a8dbcd1e535dd864816c65e5
SHA512

80abefa5c8a330c98a8c3ebb4df15029a2681018666328d85081e7921c58177391200edfc4edaf7b51c1fce81a54d26a78a22107b49b80f605e1250789bb94a8
SSDEEP

6144:kuhwgMsaNxKHC4teNbzor8EtVj8lhSctw8q0B:kzg2jjXAtF9V8q0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aacb9f5d28905eda4e397ce71d0e849_JaffaCakes118

Files

6aacb9f5d28905eda4e397ce71d0e849_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e3c25862eb73097f4188b2d051331d72

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiOpenDevRegKey
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo

kernel32

lstrcpyW
GetCurrentProcess
GetTickCount
FlushInstructionCache
HeapAlloc
CreateEventW
WaitForMultipleObjectsEx
LeaveCriticalSection
GetProcAddress
VerifyVersionInfoW
ResetEvent
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
CompareStringW
GetLastError
GetSystemDirectoryW
CloseHandle
OpenEventW
QueueUserAPC
ReleaseMutex
GetCommandLineW
VirtualFree
GetCurrentThreadId
CancelWaitableTimer
VerSetConditionMask
CreateMutexW
VirtualAllocEx
SetPriorityClass
SetEvent
GetTickCount
GetProcessShutdownParameters
CancelIo
DeleteCriticalSection
SetPriorityClass
MulDiv
CloseHandle

ole32

CoInitializeSecurity
CoCreateInstance
CoTaskMemAlloc
CoUninitialize

atl

ord44
ord58
ord20
ord43
ord23
ord17
ord57
ord32

advapi32

SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
OpenThreadToken
CopySid
OpenProcessToken
GetTokenInformation
RegDeleteKeyW
SetSecurityDescriptorOwner
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyW
RegQueryValueExA

gdi32

CreateCompatibleDC
SelectObject
DeleteObject

hid

HidD_GetPreparsedData
HidP_GetCaps
HidP_GetSpecificValueCaps
HidP_MaxUsageListLength
HidD_FreePreparsedData

user32

GetMessageW
DefWindowProcW
LoadImageW
CreateWindowExW
RegisterWindowMessageW
GetMonitorInfoW
GetPropW
SystemParametersInfoW
EnumDisplaySettingsW
WindowFromPoint
MonitorFromPoint
EnumDisplayMonitors
InflateRect
UnhookWindowsHookEx
SendInput
IsWindow
PostThreadMessageW
GetDC
CallNextHookEx
SetCursorPos
GetClientRect
SetWindowsHookExW
GetThreadDesktop
DispatchMessageW
PtInRect
IntersectRect
ReleaseDC
MoveWindow
SetWindowLongW
GetDesktopWindow
GetDoubleClickTime
RegisterDeviceNotificationW

msvcrt

_controlfp
_cexit
__p__fmode
wcstol
_wcmdln
_XcptFilter
_beginthreadex
_ftol
??1type_info@@UAE@XZ
__setusermatherr
_c_exit
swscanf
_vsnwprintf
wcsstr
__set_app_type
_purecall
_wfopen
??2@YAPAXI@Z
fclose
free
__CxxFrameHandler
_exit
_itow
exit

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3c25862eb73097f4188b2d051331d72

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

ole32

atl

advapi32

gdi32

hid

user32

msvcrt

Sections

.text Size: 186KB - Virtual size: 186KB

.data Size: 59KB - Virtual size: 59KB

.rsrc Size: 7KB - Virtual size: 540KB

.text
Size: 186KB - Virtual size: 186KB

.data
Size: 59KB - Virtual size: 59KB

.rsrc
Size: 7KB - Virtual size: 540KB