aaea9862b7663d6137daf2029440972e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aaea9862b7663d6137daf2029440972e_JaffaCakes118
Size

249KB
MD5

aaea9862b7663d6137daf2029440972e
SHA1

30e7fe3e62cdbadc07e3fd23a1f87a014976c6e9
SHA256

6e9c934d51098068abab928e1bb3bd3be6e09a4d19e93e7500e82358a36383cf
SHA512

338ffd8c3fc221693e28354a161b6d869b30723858f7f2942c8146e082e443c9ad8f1996c517ea89cd3b48532761c0e00275787946f937a275a45567eed2f47d
SSDEEP

6144:8rKLIh1Eyy8zfrkUQSHp+z5E+bGzleQDnEt:8mLE1/y0zkUaydDnEt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaea9862b7663d6137daf2029440972e_JaffaCakes118

Files

aaea9862b7663d6137daf2029440972e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee605e976187f0333a418943dcd5ad36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
GetTickCount
GetCurrentProcess
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
HeapCreate
ExitProcess
GetModuleFileNameA
GetEnvironmentStringsW
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
lstrcmpW
GetProcAddress

user32

GetSystemMetrics
LoadMenuIndirectA
GetMenuItemID
SendDlgItemMessageW
OffsetRect
LoadImageA
ActivateKeyboardLayout
CreateAcceleratorTableW
SetWindowPos
LoadImageW
CopyRect
CreateWindowExA
SetWindowTextW
SendDlgItemMessageA
GetMenuStringA
GetMenuItemInfoW
GetMenuState
GetIconInfo
LoadMenuIndirectW
SetWindowTextA
GetClassInfoExW
CheckMenuItem
GetMenuStringW
GetActiveWindow
GetForegroundWindow
InsertMenuItemW
CharLowerW
mouse_event
SetFocus
RegisterClassExA
SetCursor
IsIconic

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW

resutils

ResUtilSetPropertyTable
ResUtilSetResourceServiceEnvironment
ResUtilGetProperties
ResUtilEnumResources
ResUtilSetSzValue
ResUtilGetSzProperty
ResUtilSetMultiSzValue
ResUtilDupString
ResUtilFindBinaryProperty

gdi32

CreateRoundRectRgn
CreateFontW
AddFontResourceW
GetEnhMetaFileA
AddFontResourceA
CreateDIBPatternBrushPt
GetTextExtentPointW

kbdca

KbdLayerDescriptor

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l
Size: 1024B - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 87KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 130KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee605e976187f0333a418943dcd5ad36

Headers

File Characteristics

Imports

kernel32

user32

advapi32

resutils

gdi32

kbdca

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 51KB

.l Size: 1024B - Virtual size: 70KB

.edata Size: 87KB - Virtual size: 104KB

.data Size: 7KB - Virtual size: 92KB

.edata Size: 130KB - Virtual size: 159KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 51KB

.l
Size: 1024B - Virtual size: 70KB

.edata
Size: 87KB - Virtual size: 104KB

.data
Size: 7KB - Virtual size: 92KB

.edata
Size: 130KB - Virtual size: 159KB

.rsrc
Size: 2KB - Virtual size: 1KB