Static task
static1
Behavioral task
behavioral1
Sample
aaaf28a090437dfcda65a80bc013ef9e_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
aaaf28a090437dfcda65a80bc013ef9e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: aaaf28a090437dfcda65a80bc013ef9e_JaffaCakes118
Size: 59KB
MD5: aaaf28a090437dfcda65a80bc013ef9e
SHA1: 44e4c279c4690f8862ebb3f38f526a23e914c537
SHA256: 36fb62778b182c6ddfde6552f84719a8f856bdf9a4948319f2822b4eb27d832a
SHA512: fde263c8ee36c79fa0fd8e59e0739f87fb0fe46a02137f91e1edf313eaac40bc6ac7527511414f9fd71ccb8657770805156633dad7a1fa9e5de78ea3c781f3f0
SSDEEP: 1536:VZ42NetdDWQA+mc9gRjpEAEvScgMdGrTKuLp+DQ:bTQ76Qz9gRCAEvA9TKy+DQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aaaf28a090437dfcda65a80bc013ef9e_JaffaCakes118
Files
aaaf28a090437dfcda65a80bc013ef9e_JaffaCakes118.exe windows:4 windows x86 arch:x86
66a5757b8897d7a84e36414e9e098e7d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetNextDlgTabItem
ChangeMenuA
VkKeyScanA
CopyIcon
DrawCaption
GetMenuItemCount
DdeUnaccessData
DefMDIChildProcA
GetComboBoxInfo
DdeQueryStringA
GetMessagePos
GetSystemMenu
AlignRects
GetDlgCtrlID
DestroyAcceleratorTable
GetMenuState
FreeDDElParam
DrawFrame
RedrawWindow
GetMenuCheckMarkDimensions
SetCaretBlinkTime
LoadAcceleratorsA
CharToOemBuffA
EnableScrollBar
IsWindowUnicode
DrawMenuBar
DdeClientTransaction
LookupIconIdFromDirectory
IMPGetIMEA
OpenDesktopA
GetAsyncKeyState
SetScrollInfo
CloseDesktop
SetWindowContextHelpId
SetProcessWindowStation
InvalidateRgn
DdeEnableCallback
SendMessageTimeoutA
GetKeyboardLayoutList
GetClipboardFormatNameA
RegisterWindowMessageA
GetClassWord
DdeGetLastError
EnumPropsExA
GetKBCodePage
GetUserObjectSecurity
RegisterDeviceNotificationA
CreateAcceleratorTableA
IsCharLowerA
MessageBoxA
SetKeyboardState
GetLastActivePopup
advapi32
InitializeAcl
GetServiceDisplayNameA
CryptEncrypt
OpenEventLogA
EnumDependentServicesA
RegConnectRegistryA
AccessCheck
IsTextUnicode
AllocateAndInitializeSid
CopySid
GetExplicitEntriesFromAclA
AddAce
RegQueryValueA
BuildSecurityDescriptorA
ObjectDeleteAuditAlarmA
RegSaveKeyA
PrivilegeCheck
CryptDestroyHash
GetSecurityDescriptorControl
CryptGetKeyParam
GetNumberOfEventLogRecords
CryptContextAddRef
GetAclInformation
GetSecurityDescriptorOwner
CryptHashSessionKey
RegOpenKeyA
SetEntriesInAuditListA
CryptGenKey
RegUnLoadKeyA
FindFirstFreeAce
RevertToSelf
ControlService
CryptSetKeyParam
BackupEventLogA
DeregisterEventSource
CryptSignHashA
GetTrusteeTypeA
GetMultipleTrusteeA
kernel32
Process32Next
Sections
.qpij Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rkhyv Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.cze Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ifklc Size: 27KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ