Static task: static1
Behavioral task: behavioral1
  Sample: a2f09cec7011f38bb6477d21c39c15b2_JaffaCakes118.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: a2f09cec7011f38bb6477d21c39c15b2_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: a2f09cec7011f38bb6477d21c39c15b2_JaffaCakes118
Size: 249KB
MD5: a2f09cec7011f38bb6477d21c39c15b2
SHA1: 06d36847d951498b99857dbd48ac7285c51784de
SHA256: 32880d70aae9c49d07acfe75ba6f19b5c6f5e788c357843bd075eb0b092cd791
SHA512: 5e14da503ae0f7e1f32443aa655260031e7e8ec11333521087f9daf767c1c4807151a1ab171524ef757a012d8ddaa287e11a01118b74bbb5e721ac294ca1ee0e
SSDEEP: 6144:EbltZ+YtfCRKEhvECP/8L8LJOpEPdADv3NyJNa215tFC:E5tHtEKEhc4OpE1ADfY3au5tFC
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: a2f09cec7011f38bb6477d21c39c15b2_JaffaCakes118
Files
a2f09cec7011f38bb6477d21c39c15b2_JaffaCakes118.exe windows:4 windows x86 arch:x86
41c476cdec983244ac11ddc4c6271dc2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleW
MulDiv
CreateEventW
SetErrorMode
ExpandEnvironmentStringsA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
MoveFileW
WaitForSingleObject
GetTimeFormatW
CreateMutexW
FileTimeToSystemTime
CompareFileTime
GetLocalTime
GetVolumeInformationW
LocalAlloc
LocalFree
GetDateFormatW
OpenEventW
GetTempPathW
CreateDirectoryW
RemoveDirectoryW
FreeLibrary
GetWindowsDirectoryW
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
user32
GetForegroundWindow
GetActiveWindow
SetCapture
SetWindowLongW
GetIconInfo
LoadCursorW
SetCursor
GetFocus
CopyRect
GetSystemMetrics
DestroyIcon
IsWindow
InvalidateRect
SendMessageW
GetSysColor
LoadIconW
LoadImageW
MessageBoxW
EnableWindow
gdi32
CreatePalette
CreateCompatibleDC
CreatePen
GetStockObject
CreateFontIndirectW
CreateSolidBrush
DeleteObject
CreatePatternBrush
advapi32
RevertToSelf
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
shell32
ShellExecuteW
usp10
UspFreeMem
ScriptCacheGetHeight
ScriptBreak
termmgr
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow
Sections
.text    Size: 14KB  - Virtual size: 13KB  - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.URsGpT  Size: 512B  - Virtual size: 1KB   - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.cAN     Size: 512B  - Virtual size: 49KB  - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata   Size: 3KB   - Virtual size: 24KB  - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.EQMGgv  Size: 4KB   - Virtual size: 765KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.f       Size: 104KB - Virtual size: 126KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.Pwa     Size: 2KB   - Virtual size: 32KB  - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.SGv     Size: 2KB   - Virtual size: 563KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data    Size: 6KB   - Virtual size: 23KB  - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.i       Size: 109KB - Virtual size: 198KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc    Size: 2KB   - Virtual size: 1KB   - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ