87fae60666999b5523f9c3ad81e3d3f5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87fae60666999b5523f9c3ad81e3d3f5_JaffaCakes118
Size

214KB
MD5

87fae60666999b5523f9c3ad81e3d3f5
SHA1

84f97359997684ab3f7777b0ccb50efa3ca8f6f3
SHA256

f8b88a515b13676646ffb1b8281a069ae0158292d5903fc2f940e3a26a88b008
SHA512

6c0aeeb769059fb87a78929c4121bceb1fa9dd5ed57159e4180dba7656822493859077e41f0616e87162174ea65cd25079c11bca7d95f950ba76a0af2a25d010
SSDEEP

3072:oF1Vdh3J2lc7r+ilMEj66ctxyKG7t3m5GvRLngKg3zHLkNinkmSVn+su9o8zfoGJ:oLH66uyK43mokxHoUkFBmEGv53

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87fae60666999b5523f9c3ad81e3d3f5_JaffaCakes118

Files

87fae60666999b5523f9c3ad81e3d3f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3dfde3e6b02a9e06738d0a3a1366cc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
CloseServiceHandle
ControlService
CryptCreateHash
CryptGenRandom
GetUserNameA
OpenSCManagerW
OpenServiceA
RegDeleteKeyW
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExW
RegQueryValueA
RegQueryValueExA

gdi32

CopyEnhMetaFileA
CopyMetaFileA
CreateFontW
CreatePalette
DeleteMetaFile
EnumFontFamiliesA
EnumFontFamiliesExA
ExcludeClipRect
FillRgn
GetRgnBox
GetTextExtentExPointW
GetWinMetaFileBits
IntersectClipRect
MoveToEx
SetArcDirection
SetDIBits
StrokePath
TranslateCharsetInfo

user32

CallNextHookEx
CharLowerA
CreateWindowExA
DrawEdge
DrawIcon
DrawTextA
EnableWindow
GetClassNameA
GetClientRect
GetDesktopWindow
GetDlgItem
GetFocus
GetMenuItemCount
GetScrollRange
GetSubMenu
GetWindowTextA
IsDialogMessageA
IsIconic
IsWindowEnabled
MessageBeep
OpenClipboard
PostMessageA
PostQuitMessage
SetClassLongA
SetForegroundWindow
SetMenu
SetScrollPos
SetWindowPlacement
SetWindowsHookExA

kernel32

CreateProcessA
FindResourceA
FreeEnvironmentStringsA
GetFileSize
GetLastError
GetStartupInfoW
GetTickCount
GetVersion
HeapReAlloc
LoadLibraryA
LoadLibraryExA
OutputDebugStringA
ReleaseMutex
SetEvent
TerminateProcess
WritePrivateProfileStringA

shell32

SHAddToRecentDocs
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHFileOperationA
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfoW
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteEx

comctl32

CreatePropertySheetPageW
CreateToolbarEx
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
InitCommonControlsEx
PropertySheetW

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WmI4s2qB
Size: 1KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3dfde3e6b02a9e06738d0a3a1366cc6

Headers

File Characteristics

Imports

advapi32

gdi32

user32

kernel32

shell32

comctl32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 22KB - Virtual size: 21KB

WmI4s2qB Size: 1KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 22KB - Virtual size: 21KB

WmI4s2qB
Size: 1KB - Virtual size: 120KB