93f9745fb0b1a8fedb2b32efda69ca50_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93f9745fb0b1a8fedb2b32efda69ca50_JaffaCakes118
Size

90KB
MD5

93f9745fb0b1a8fedb2b32efda69ca50
SHA1

176fca5664bdf9c94264982f89e29838d0e36058
SHA256

d783815085722185cf9c13f0bcc9254000c1744878e63a2f324257035bad5ab5
SHA512

2591104a742c8fc852d735f4f7512620ba74c0197f899fe7d50803b295d6f93ac6ebf2d624c12efed86ab01be137ccaa9205d69aa145c9d36daafee9316aa372
SSDEEP

1536:aeClHWgsRhE1foCs0WuFRrdT5+i3k8G7ESO0SZt6qgRnVJhp4lIH4ponF:aeoWLE1foCszuF9dT57a7dSZoHfhp4le

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93f9745fb0b1a8fedb2b32efda69ca50_JaffaCakes118

Files

93f9745fb0b1a8fedb2b32efda69ca50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eca70ee03fba4f020b0c058d45da6dc7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
FreeSid
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl

winmm

waveInGetNumDevs
waveInGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetID
mixerGetDevCapsA
mixerClose

setupapi

SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInterfaceDetailA
SetupDiSetClassInstallParamsA
SetupDiDestroyDeviceInfoList

user32

PostMessageA
LoadStringA
LoadImageA
LoadIconA
LoadCursorA
InsertMenuItemA
GetWindow
GetSysColor
GetMessageA
PostQuitMessage
GetDesktopWindow
GetDC
GetCursorPos
GetClassNameA
DispatchMessageA
DestroyMenu
DefWindowProcA
CreateWindowExA
CreatePopupMenu
RegisterClassA
ReleaseDC
SetForegroundWindow
ShowWindow
SystemParametersInfoA
TranslateMessage
GetMenuCheckMarkDimensions
SendMessageA

kernel32

lstrlenA
lstrcpyA
lstrcmpiA
WinExec
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
Sleep
SetHandleCount
SetEvent
SearchPathA
RtlUnwind
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryA
LCMapStringA
HeapFree
HeapCreate
HeapAlloc
GetVersionExA
GetVersion
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcAddress
GetOEMCP
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileType
GetEnvironmentStringsA
GetCommandLineA
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
ExitProcess
CreateProcessA
CloseHandle
CreateEventA
CreateMutexA

Exports

Exports

EnumCustomFunctionSettingNext
GetDeviceCount

Sections

.text
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eca70ee03fba4f020b0c058d45da6dc7

Headers

File Characteristics

Imports

advapi32

winmm

setupapi

user32

kernel32

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 80KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.text
Size: 77KB - Virtual size: 80KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB