Static task
static1
Behavioral task
behavioral1
Sample
a9ef4bcd3f5ab9cafb0ce67f5344b679_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a9ef4bcd3f5ab9cafb0ce67f5344b679_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
a9ef4bcd3f5ab9cafb0ce67f5344b679_JaffaCakes118
Size
252KB
MD5
a9ef4bcd3f5ab9cafb0ce67f5344b679
SHA1
76442af039b789af2966e638c1608d201374c3e5
SHA256
f1a5576eb072ae598303da9cc656ae5f7428328d5a420446d76004db3f22219f
SHA512
495e8437629a0dfb4a9e99ab1ff1cdf9650a9d62de3b138026ace81759c3df07b9ea56a861d0aa9c113ff9ed8fa8a1759df8e2aaed1cf782721c526ff12c36aa
SSDEEP
6144:jOvH/zzlDT++fErDLTqByqHwdAdTO44gcgJdIKmJTL20T+yvqA:+H/zzRT++u7qBrHXROY5QTTq1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a9ef4bcd3f5ab9cafb0ce67f5344b679_JaffaCakes118
Files
a9ef4bcd3f5ab9cafb0ce67f5344b679_JaffaCakes118.exe windows:5 windows x86 arch:x86
6cb9273e28fd34befa50e117ca004f01
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetTickCount
OpenProcess
GetStdHandle
QueryPerformanceFrequency
VirtualAlloc
VerSetConditionMask
SetProcessShutdownParameters
VirtualFree
InterlockedIncrement
GetStartupInfoW
ResetEvent
InterlockedDecrement
GetCurrentThreadId
MapViewOfFile
SetThreadPriority
CloseHandle
GlobalDeleteAtom
HeapFree
DuplicateHandle
DeleteCriticalSection
CancelIo
ReadFile
FreeLibrary
ReleaseMutex
GetLastError
GetCommandLineW
CreateFileW
lstrlenW
LoadLibraryW
SetThreadExecutionState
LeaveCriticalSection
WaitForMultipleObjects
WaitForSingleObject
SetProcessShutdownParameters
SetEvent
GetProcAddress
CancelWaitableTimer
QueueUserAPC
advapi32
InitializeSecurityDescriptor
RegSetValueW
RegOpenKeyW
GetLengthSid
OpenThreadToken
RegEnumKeyW
RegSetValueExW
RegCloseKey
SetSecurityDescriptorDacl
RegQueryValueExW
msvcrt
_initterm
wcscmp
_CIpow
fclose
__p__fmode
_vsnwprintf
_controlfp
__p__commode
_XcptFilter
_ftol
_onexit
wcstol
??3@YAXPAX@Z
__CxxFrameHandler
__wgetmainargs
wcsstr
fputws
swscanf
__setusermatherr
_exit
_adjust_fdiv
__set_app_type
user32
GetMonitorInfoW
SendInput
UpdateLayeredWindow
DefWindowProcW
PostThreadMessageW
GetClientRect
DrawIconEx
SetCursorPos
MonitorFromPoint
GetPropW
GetThreadDesktop
GetWindowLongW
DestroyWindow
CloseDesktop
SetWindowsHookExW
RegisterDeviceNotificationW
GetSystemMetrics
DestroyIcon
DispatchMessageW
InflateRect
CreateWindowExW
OpenInputDesktop
CallWindowProcW
GetDoubleClickTime
SetWindowLongW
PtInRect
GetMessageW
GetUserObjectInformationW
UnregisterDeviceNotification
hid
HidP_GetUsages
HidD_GetPreparsedData
HidP_GetSpecificValueCaps
HidP_GetCaps
HidD_GetProductString
HidD_GetAttributes
HidP_GetSpecificButtonCaps
atl
ord43
ord18
ord44
ord30
ord32
ord20
ord45
ord58
ord57
gdi32
DeleteDC
CreateCompatibleBitmap
SelectObject
setupapi
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
ole32
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
Sections
.text Size: 210KB - Virtual size: 210KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 532KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ