Static task: static1
Behavioral task: behavioral1
Sample: a174a13077ee09e10472ae3be88b66ee_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: a174a13077ee09e10472ae3be88b66ee_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a174a13077ee09e10472ae3be88b66ee_JaffaCakes118
Size: 59KB
MD5: a174a13077ee09e10472ae3be88b66ee
SHA1: 4259b77563915879aef11cc3afd281eb36fcad9d
SHA256: 6068a5fe6be49d4d66243a7b3dc2f1ae2f71040c4225fb31376d1ae9b09f35ee
SHA512: a4ba17b83a2760627f8425d23be01474137ce33629ab6fd61b58bb0568935c2d0ae11297a26717ac8ac7a4d0e7f3f0b15c25b19006da12ebe27264ab4ebc0f58
SSDEEP: 1536:6Q9ZP7/izmRS8Eeo1ca+C/eOnH887KOlDw:6Q9ZziCfEP+kesHxdlDw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a174a13077ee09e10472ae3be88b66ee_JaffaCakes118
Files
a174a13077ee09e10472ae3be88b66ee_JaffaCakes118.exe windows:4 windows x86 arch:x86
7af1a224261c63d77d6f711a2994605d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
MessageBoxA
MonitorFromPoint
ChangeMenuA
VkKeyScanA
DrawTextExA
RegisterWindowMessageA
ScrollDC
DdeNameService
GetProcessDefaultLayout
OemToCharA
GetDoubleClickTime
LoadMenuIndirectA
RemovePropA
GetScrollBarInfo
DlgDirSelectExA
DestroyAcceleratorTable
DrawFrame
GetClassWord
SetWindowContextHelpId
ShowCursor
GetUserObjectSecurity
CreateWindowExA
wvsprintfA
IsWindowUnicode
MapVirtualKeyExA
InSendMessage
UnpackDDElParam
PostQuitMessage
SetDebugErrorLevel
EnableScrollBar
ExcludeUpdateRgn
EnumPropsExA
SetKeyboardState
LoadAcceleratorsA
GetAsyncKeyState
CharToOemBuffA
CascadeWindows
AlignRects
TranslateAccelerator
SendIMEMessageExA
SetCaretBlinkTime
ArrangeIconicWindows
GetMenuItemCount
ShowWindowAsync
BringWindowToTop
GetWindowRect
GetClassInfoA
IsCharLowerA
GetNextDlgTabItem
DefMDIChildProcA
FindWindowExA
GetWindowInfo
GetSystemMenu
DestroyMenu
advapi32
SetServiceStatus
RegFlushKey
RevertToSelf
GetSidSubAuthority
CryptGenKey
AddAce
AllocateAndInitializeSid
RegDeleteValueA
AccessCheck
IsTextUnicode
RegQueryValueA
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
CryptContextAddRef
CryptDestroyHash
SetEntriesInAuditListA
GetExplicitEntriesFromAclA
OpenEventLogA
QueryServiceObjectSecurity
GetMultipleTrusteeA
ObjectDeleteAuditAlarmA
GetTrusteeTypeA
BuildSecurityDescriptorA
CryptSignHashA
ControlService
DeregisterEventSource
CryptSetKeyParam
RegSaveKeyA
CryptGetKeyParam
ChangeServiceConfigA
BackupEventLogA
InitializeAcl
RegOpenKeyA
RegConnectRegistryA
CryptEncrypt
CopySid
kernel32
GetModuleFileNameA
Sections
.wngjo Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mda Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fwzav Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gdevm Size: 27KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ