Static task: static1
Behavioral task: behavioral1
Sample: a695debc2350685ffcfbda09c17b89cd_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: a695debc2350685ffcfbda09c17b89cd_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a695debc2350685ffcfbda09c17b89cd_JaffaCakes118
Size: 369KB
MD5: a695debc2350685ffcfbda09c17b89cd
SHA1: eb093799b479e8670c29561de226a5cb46c677fe
SHA256: 40b3a7b6bd84023e0d1c870744bf53375577e560ee0949a6ae9e3df8a2027268
SHA512: 1f200e200e7e4023dd1bb6ac697bfbc953e827fbac707fac63743fdd61009f019b3a125dd48797404c7dcbf2d08d73e86b8034ce820ae90ccd97c86d59bd37a6
SSDEEP: 6144:L+s8JDvStzfdX3kRR2lrwrP+2v11JPC3Q8yam2/1X+AkDhzN/VwpsQUI/ssmcxu:LmDSdfNX2DJwQVamaJ+3DhVKrUHsl4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a695debc2350685ffcfbda09c17b89cd_JaffaCakes118
Files
a695debc2350685ffcfbda09c17b89cd_JaffaCakes118.exe windows:4 windows x86 arch:x86
d081aa570d7c1c2fd5bb271f57b48feb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetClipboardData
GetWindow
GetDialogBaseUnits
AdjustWindowRect
GetDlgItemInt
CreateWindowExA
gdi32
Ellipse
DescribePixelFormat
ExcludeClipRect
GdiComment
GdiGetBatchLimit
GetBrushOrgEx
Chord
FrameRgn
ExtFloodFill
GetAspectRatioFilterEx
advapi32
OpenBackupEventLogA
RegSetValueExA
ReadEventLogW
CloseEventLog
RegEnumValueA
RegReplaceKeyA
RegOpenKeyA
kernel32
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapUnlock
GetACP
IsBadReadPtr
SetLocaleInfoA
LocalHandle
LocalSize
VirtualAlloc
LocalFree
VirtualProtectEx
VirtualFreeEx
WideCharToMultiByte
HeapReAlloc
HeapCreate
GetProcessHeap
GetProcAddress
CloseHandle
VirtualAllocEx
HeapAlloc
GetOEMCP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapDestroy
secur32
EncryptMessage
MakeSignature
ExportSecurityContext
AcceptSecurityContext
DeleteSecurityContext
FreeCredentialsHandle
ApplyControlToken
DecryptMessage
VerifySignature
CompleteAuthToken
netapi32
NetUserChangePassword
NetGetJoinInformation
NetLocalGroupDelMembers
NetErrorLogRead
NetConfigGet
NetErrorLogWrite
NetGetJoinableOUs
NetGetAnyDCName
NetGroupAdd
NetErrorLogClear
NetAuditWrite
NetAuditRead
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.usxxaa Size: 331KB - Virtual size: 330KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ