6acdc1776d456551236501d23af83322_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6acdc1776d456551236501d23af83322_JaffaCakes118
Size

251KB
MD5

6acdc1776d456551236501d23af83322
SHA1

baff584241dc973abf9aedc47271d12ffc150b5d
SHA256

97228c54b7b1328337bf85b6f0e540fb8279f7a7cb9853a7f80b6e7f27c49752
SHA512

0aa83fdfb54ee392188a4b839b359655f4fd72f6837543c7ce8242a3d75abbc96ac27a6a75e74ed334d518eb27976476284beca4347d5bb7f5739ce9828819c3
SSDEEP

3072:0vGc9mRsn+wy4xJrpmzkFif+weU2AS/VXd+xfnTSZy1pLYAgR2XPAxgPCf:smRsn+b4JUf9eU/Sz+hTSZopsmfg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6acdc1776d456551236501d23af83322_JaffaCakes118

Files

6acdc1776d456551236501d23af83322_JaffaCakes118
.exe windows:7 windows x86 arch:x86

2b22db6d11c9eca3999aec787f56d1d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

atl

ord57
ord16
ord44
ord23
ord32

msvcrt

wcstol
_except_handler3
_wcmdln
_cexit
_onexit
__p__commode
fputws
_XcptFilter
_initterm
__CxxFrameHandler
_c_exit
__setusermatherr
??2@YAPAXI@Z
exit
_exit
_ftol
_CxxThrowException
swscanf
wcscmp
_itow
wcslen
_beginthreadex
fclose
_purecall

kernel32

ResetEvent
GetStartupInfoW
lstrlenW
DeleteCriticalSection
VerifyVersionInfoW
GetTickCount
CompareStringW
GetProcAddress
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjectsEx
GlobalAddAtomW
QueryPerformanceFrequency
GetModuleHandleA
SetWaitableTimer
EnterCriticalSection
LoadLibraryW
ReadFile
GetTickCount
GetSystemDirectoryW
InterlockedDecrement
GetProcessWorkingSetSize
lstrcpyW
CloseHandle
GetCommandLineW
SetPriorityClass
InitializeCriticalSection
VirtualAlloc
GetCurrentThreadId
SetThreadPriority
DuplicateHandle
CreateMutexW
VirtualFree
HeapAlloc
SetEvent
FreeLibrary
MulDiv
CreateFileMappingW
ReleaseMutex

gdi32

DeleteObject
GetDeviceCaps
CreateSolidBrush
DeleteDC
CreateCompatibleBitmap

advapi32

RegSetValueW
RegCreateKeyW
RegSetValueExW
RegEnumKeyW
RegQueryValueExW
InitializeSecurityDescriptor
RegOpenKeyExW
RegCreateKeyExW
GetTokenInformation
SetSecurityDescriptorDacl

setupapi

SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsExW

user32

MonitorFromPoint
GetSysColor
MoveWindow
PostThreadMessageW
RegisterDeviceNotificationW
GetSystemMetrics
RegisterWindowMessageW
EnumDisplayMonitors
SetThreadDesktop
GetSysColorBrush
ShowWindow
GetThreadDesktop
OpenDesktopW
DestroyIcon
PtInRect
SetWindowsHookExW
GetWindowLongW
UnregisterDeviceNotification
CallWindowProcW
GetDoubleClickTime
GetMessageW
GetClientRect
UpdateLayeredWindow
DestroyWindow
LoadStringW
DrawIconEx
GetUserObjectInformationW
CharNextW
IsWindow
GetMonitorInfoW
SetCursorPos
GetAncestor
CallNextHookEx
ClientToScreen
GetDC
CloseDesktop

ole32

CoTaskMemFree
CoInitializeEx
CoUninitialize
CoInitializeSecurity

hid

HidP_MaxUsageListLength
HidD_FreePreparsedData
HidD_GetPreparsedData
HidP_GetCaps
HidP_GetSpecificValueCaps
HidD_GetHidGuid
HidP_GetSpecificButtonCaps

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b22db6d11c9eca3999aec787f56d1d4

Headers

DLL Characteristics

File Characteristics

Imports

atl

msvcrt

kernel32

gdi32

advapi32

setupapi

user32

ole32

hid

Sections

.text Size: 182KB - Virtual size: 182KB

.data Size: 60KB - Virtual size: 60KB

.rsrc Size: 7KB - Virtual size: 584KB

.text
Size: 182KB - Virtual size: 182KB

.data
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 7KB - Virtual size: 584KB