a662acc8548f04b11b2f74abee613a4f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a662acc8548f04b11b2f74abee613a4f_JaffaCakes118
Size

251KB
MD5

a662acc8548f04b11b2f74abee613a4f
SHA1

de13cfa899f1db8aa127ac49a95712dbbc28c45a
SHA256

36f4e0c6f555f516a3620fe245b12f5a889abbabbe8d8a3c0294f72c6b5ad033
SHA512

f7829c1a347c8a8b4259ba2c2ea08283c7a6ee715b405521f10e893bb675aae828696e9a6d32f2b97241e8e7a0e67f86eca761f10ddc71243460a70b887569a3
SSDEEP

6144:3666rhktaP0VYwfzTFlBLd/oADpy3U4z5ecrRLETdenK:q6W0VYwJi1kow0ET

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a662acc8548f04b11b2f74abee613a4f_JaffaCakes118

Files

a662acc8548f04b11b2f74abee613a4f_JaffaCakes118
.exe windows:1 windows x86 arch:x86

27fe83085011226abc445923421b32ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetSysColorBrush
EnumDisplaySettingsW
CallNextHookEx
GetMonitorInfoW
PtInRect
GetDC
ShowWindow
LoadStringW
SetThreadDesktop
GetDoubleClickTime
DispatchMessageW
GetMessageW
LoadImageW
GetClientRect
DrawIconEx
DestroyIcon
GetUserObjectInformationW
CharNextW
DefWindowProcW
RegisterDeviceNotificationW
ClientToScreen
MonitorFromPoint
IntersectRect
DestroyWindow
SystemParametersInfoW
MoveWindow
RegisterWindowMessageW
FillRect

setupapi

SetupDiOpenDevRegKey

atl

ord16
ord43
ord45
ord30
ord32
ord58
ord18
ord17

gdi32

CreateSolidBrush
CreateCompatibleBitmap

msvcrt

?terminate@@YAXXZ
_controlfp
_ftol
wcstol
__p__fmode
_itow
_except_handler3
__p__commode
_adjust_fdiv
_XcptFilter
??3@YAXPAX@Z
_exit
_wfopen
_wcmdln
wcslen
_onexit
_wcsicmp

ole32

CoUninitialize

advapi32

RegOpenKeyExA
SetSecurityDescriptorGroup
RegOpenKeyW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExA

kernel32

HeapFree
LeaveCriticalSection
GetLastError
CloseHandle
VirtualFree
GetCurrentThread
SetThreadExecutionState
SetWaitableTimer
CloseHandle
SetPriorityClass
ReadFile
SetProcessShutdownParameters
GetProcessWorkingSetSize
GetProcAddress
GetStartupInfoW
ResetEvent
CancelIo
HeapAlloc
ReleaseMutex
OpenEventW
GetCurrentProcess
GetTickCount
GetOverlappedResult
FlushInstructionCache
DeleteCriticalSection
GetModuleHandleA
lstrcpyW
VirtualAlloc
VerifyVersionInfoW
DuplicateHandle
QueueUserAPC

hid

HidD_GetProductString
HidP_GetSpecificValueCaps

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27fe83085011226abc445923421b32ba

Headers

DLL Characteristics

File Characteristics

Imports

user32

setupapi

atl

gdi32

msvcrt

ole32

advapi32

kernel32

hid

Sections

.text Size: 175KB - Virtual size: 175KB

.data Size: 71KB - Virtual size: 70KB

.rsrc Size: 3KB - Virtual size: 544KB

.text
Size: 175KB - Virtual size: 175KB

.data
Size: 71KB - Virtual size: 70KB

.rsrc
Size: 3KB - Virtual size: 544KB