89b5f7e7c0f60ae86512126ea616800b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

89b5f7e7c0f60ae86512126ea616800b_JaffaCakes118
Size

52KB
MD5

89b5f7e7c0f60ae86512126ea616800b
SHA1

0553a1095659f7fde1fd7beacd84d9597f74b7fe
SHA256

381f73d0b703f9ccdde9e8cb34452738e069dc6389af4086be0fa84683f5095d
SHA512

5381a9a5b0e1260b57f4b49113794282046b37249c6eb7b71c509265a58777fc4f5e461ce7f3e731da30d52c1e77a9058049cb7a0e3507aa5879408b5f6c75e9
SSDEEP

1536:imvrnfOfaaLjwPeQyRNzCQM+KlPBK/9zOfBENNELY:HjWNkWQyRNWQ6P0/9qfYE8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89b5f7e7c0f60ae86512126ea616800b_JaffaCakes118

Files

89b5f7e7c0f60ae86512126ea616800b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c4c7af5ae4ca91e4e0ef11c902b1a45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenInfFileA
SetupInstallFromInfSectionA
SetupInstallServicesFromInfSectionA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

kernel32

WaitForSingleObject
RemoveDirectoryA
GetCurrentDirectoryA
GetWindowsDirectoryA
SetEvent
OpenEventA
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
RaiseException
InitializeCriticalSection
GetVersion
lstrcmpiA
lstrlenW
lstrcmpiW
lstrlenA
GetEnvironmentVariableA
GetEnvironmentVariableW
GetCurrentProcess
GetCurrentThread
GetTickCount
GetSystemDirectoryA
LoadResource
CreateMutexA
LoadLibraryW
LocalFree
GetLocalTime
GetCurrentProcessId
GetCurrentThreadId
GetLocaleInfoW
IsValidCodePage
IsValidLocale
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
IsBadCodePtr
IsBadReadPtr
Sleep
LoadLibraryA
FreeLibrary
GetLastError
GetModuleHandleA
GetModuleFileNameA
IsBadWritePtr
SetUnhandledExceptionFilter
GetStartupInfoA
GetTempPathA
GetProcessHeap
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
ExitProcess
GetFileAttributesA
GetSystemInfo
GetOEMCP
GetCPInfo
TlsAlloc
QueryPerformanceCounter
FatalAppExitA
HeapCreate
lstrcmpA
GetProcAddress

user32

FindWindowA
wsprintfA
PostMessageA
GetSystemMetrics
MessageBoxA
UnregisterClassA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
RegisterWindowMessageA

advapi32

RegFlushKey
RegCreateKeyExA
ImpersonateSelf
RevertToSelf
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
StartServiceA
ControlService
DeleteService
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueExA
OpenSCManagerA
CloseServiceHandle
OpenServiceA
QueryServiceStatus
RegQueryInfoKeyA

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

serialui

drvCommConfigDialogA
drvGetDefaultCommConfigW
drvCommConfigDialogW
drvSetDefaultCommConfigA
drvSetDefaultCommConfigW
drvGetDefaultCommConfigA

kbdlt1

KbdLayerDescriptor

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UsuNF
Size: 1024B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pUXjU
Size: 5KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hVkpe
Size: 8KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yIAWaW
Size: 2KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kswLe
Size: 8KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c4c7af5ae4ca91e4e0ef11c902b1a45

Headers

File Characteristics

Imports

setupapi

psapi

kernel32

user32

advapi32

shell32

ole32

serialui

kbdlt1

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 16KB

.UsuNF Size: 1024B - Virtual size: 37KB

.pUXjU Size: 5KB - Virtual size: 81KB

.hVkpe Size: 8KB - Virtual size: 101KB

.yIAWaW Size: 2KB - Virtual size: 47KB

.data Size: 6KB - Virtual size: 50KB

.kswLe Size: 8KB - Virtual size: 100KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 16KB

.UsuNF
Size: 1024B - Virtual size: 37KB

.pUXjU
Size: 5KB - Virtual size: 81KB

.hVkpe
Size: 8KB - Virtual size: 101KB

.yIAWaW
Size: 2KB - Virtual size: 47KB

.data
Size: 6KB - Virtual size: 50KB

.kswLe
Size: 8KB - Virtual size: 100KB

.rsrc
Size: 2KB - Virtual size: 1KB