Static task: static1
Behavioral task: behavioral1
  Sample: 78e993663fa79ad4cfd770d91a85e16b_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 78e993663fa79ad4cfd770d91a85e16b_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 78e993663fa79ad4cfd770d91a85e16b_JaffaCakes118
Size: 509KB
MD5: 78e993663fa79ad4cfd770d91a85e16b
SHA1: eca30f13d4e915abc65fab131dc57b43f3d88cfc
SHA256: 25ca402e4e4f7a9b4fe193ce74c0b08c54869080589548cdfbdda2d5e5187f5f
SHA512: 7fd8e2a2f231345c434b08782bbc2b7d227f0e2368847c4ffeb371cb3ce2001121b8d8c5d380693df6b92e3476db4589510147b3da324611489a7a256d0b3da9
SSDEEP: 12288:rCiprRwRz3odBFZBkp4bKrFa3VfFBwEFjKBncuFO2zvC:zpHFZBkzJa3VzwEFGBcU5DC
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  Resource: 78e993663fa79ad4cfd770d91a85e16b_JaffaCakes118
Files
78e993663fa79ad4cfd770d91a85e16b_JaffaCakes118.exe windows:4 windows x86 arch:x86
f9da2a87c847233cbebb6541094b72b1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
PageSetupDlgA
ChooseColorA
user32
OemToCharBuffA
SetWindowsHookW
CharLowerBuffA
GetClipboardOwner
WindowFromDC
UnregisterClassA
DestroyCaret
SwitchToThisWindow
GetClipboardFormatNameW
MessageBoxIndirectW
FindWindowExA
CallWindowProcW
TrackPopupMenu
LoadBitmapW
GetClipboardFormatNameA
FlashWindow
EnumDisplaySettingsA
GetWindow
LoadImageW
EndDialog
OemKeyScan
GetAncestor
SetClassLongW
GetDCEx
IsMenu
GetTopWindow
GetMonitorInfoA
DefWindowProcA
SendMessageCallbackW
GetPropA
SetScrollPos
RemovePropA
SetClassLongA
GetWindowTextW
SendNotifyMessageA
DragDetect
EnumDisplayDevicesW
GetClientRect
GetMessageA
IsDlgButtonChecked
SystemParametersInfoA
OpenIcon
MoveWindow
PostMessageW
OpenWindowStationA
ChangeClipboardChain
CreateMDIWindowW
CharNextW
GetWindowLongA
IsWindowVisible
ChangeMenuW
GetKeyboardLayout
advapi32
RegSetValueW
RegGetKeySecurity
IsTextUnicode
CryptGetHashParam
InitializeSecurityDescriptor
ChangeServiceConfigW
LookupPrivilegeDisplayNameA
RegDeleteKeyA
OpenThreadToken
NotifyChangeEventLog
AdjustTokenPrivileges
GetSecurityInfo
DeleteAce
DeregisterEventSource
CryptSetHashParam
RegCreateKeyA
CryptDeriveKey
MapGenericMask
CryptReleaseContext
BuildTrusteeWithSidW
CryptSignHashW
RegOpenKeyW
GetExplicitEntriesFromAclW
EnumDependentServicesW
AbortSystemShutdownA
DuplicateToken
RegisterEventSourceA
oleaut32
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayRedim
QueryPathOfRegTypeLi
SetErrorInfo
kernel32
GetUserDefaultLCID
TlsGetValue
IsProcessorFeaturePresent
GetCurrentDirectoryW
SetVolumeLabelA
SetCommTimeouts
EnumResourceLanguagesW
GetNumberFormatW
ExitThread
WaitNamedPipeA
GetProfileStringA
GetCommConfig
GetEnvironmentStringsW
VirtualAllocEx
GetOverlappedResult
SetEnvironmentVariableA
GetSystemDefaultLangID
GetDiskFreeSpaceW
GetDriveTypeW
EraseTape
GlobalFree
SetLastError
SetEvent
SetConsoleMode
ExitProcess
Sections
.text Size: 2KB - Virtual size: 218KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 271KB - Virtual size: 271KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ