ac28cd76facb7a9ab17155810c62d6f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac28cd76facb7a9ab17155810c62d6f7_JaffaCakes118
Size

268KB
MD5

ac28cd76facb7a9ab17155810c62d6f7
SHA1

9e22a0b37ea1963bb234ae909996729d89798036
SHA256

5570aaf7b254b49275ad613b611d7d9015acde5660418b6f8fe7af21a57f073a
SHA512

9c45136fd8db90856279251051fd88327c16d188abca470b2814c79621e497041176c6365b25b818841d20d8a724b144667bf24a42f99d0a173990d3e44cb80e
SSDEEP

6144:qkOqrJnV0KElMnn1wfLSzvg+VAJCz28Ldi3:qepV5Wun1p7VAgS8Ld0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac28cd76facb7a9ab17155810c62d6f7_JaffaCakes118

Files

ac28cd76facb7a9ab17155810c62d6f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db34ed57f2c32af7c45900460ccac279

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
lstrcmpW
GetModuleHandleW
GlobalAlloc
LocalFree
MulDiv
SetErrorMode
lstrlenW
Beep
ExpandEnvironmentStringsA
GetWindowsDirectoryW
GetProcessHeap
FreeLibrary
FindResourceW
LoadResource
SetUnhandledExceptionFilter
RaiseException
lstrlenA
GlobalFindAtomW
GetModuleHandleA
TlsAlloc
LocalAlloc
CreateEventW
GlobalDeleteAtom
GetCurrentThreadId
lstrcmpA
GetProcAddress

user32

GetForegroundWindow
SetActiveWindow
GetTopWindow
TrackPopupMenu
SetMenu
GetScrollPos
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SetFocus
DefWindowProcW
WinHelpW
CopyRect
GetMenu
GetSubMenu
GetMenuItemCount
SetWindowLongW
SetWindowPos
IsIconic
GetCapture
SetCapture
GetDesktopWindow
SendDlgItemMessageA
SendDlgItemMessageW
LoadIconW
RegisterWindowMessageW
IsWindow
GetMenuItemID
AppendMenuW
CopyIcon
GetIconInfo
GetMenuState
PostQuitMessage
PostMessageW
CheckMenuItem
IsDlgButtonChecked
MoveWindow
ShowWindow
DestroyIcon
DestroyMenu
CreatePopupMenu
InvalidateRect
EndDialog
CreateDialogIndirectParamW
SetTimer
MessageBeep
EnableMenuItem
SendMessageW
GetFocus
LoadBitmapW
SetWindowTextW
UnregisterClassW
LoadCursorW
GetSystemMetrics
GetSysColor
GetSysColorBrush
LoadImageW
EnableWindow
MessageBoxW
SetCursor
GetMessageW
GetActiveWindow
GetKeyState
PeekMessageW
GetCursorPos

gdi32

CreateBitmap
DeleteObject
CreatePatternBrush
CreateCompatibleDC
GetStockObject
CreatePen
CreateSolidBrush
CreateFontIndirectW
CreatePalette

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

GetUserNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExA
LookupAccountSidW
GetTokenInformation
CreateProcessAsUserW
SetSecurityInfo
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetSecurityDescriptorDacl
GetSecurityInfo
RegQueryValueExA

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantInit
VariantChangeType
VariantClear

winmm

sndPlaySoundW

quartz

DBToAmpFactor
DllUnregisterServer
AMGetErrorTextW
DllRegisterServer
DllGetClassObject

odbc32gt

Dispatch

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.irKG
Size: 2KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WRK
Size: 3KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.O
Size: 4KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.E
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XL
Size: 4KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YO
Size: 1024B - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dMhq
Size: 84KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YLEr
Size: 2KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KCbunK
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fkwK
Size: 135KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db34ed57f2c32af7c45900460ccac279

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

winmm

quartz

odbc32gt

Sections

.text Size: 17KB - Virtual size: 17KB

.irKG Size: 2KB - Virtual size: 286KB

.WRK Size: 3KB - Virtual size: 198KB

.O Size: 4KB - Virtual size: 622KB

.E Size: 512B - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 14KB

.XL Size: 4KB - Virtual size: 393KB

.YO Size: 1024B - Virtual size: 51KB

.dMhq Size: 84KB - Virtual size: 156KB

.YLEr Size: 2KB - Virtual size: 512KB

.data Size: 6KB - Virtual size: 105KB

.KCbunK Size: 1024B - Virtual size: 107KB

.fkwK Size: 135KB - Virtual size: 147KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.irKG
Size: 2KB - Virtual size: 286KB

.WRK
Size: 3KB - Virtual size: 198KB

.O
Size: 4KB - Virtual size: 622KB

.E
Size: 512B - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 14KB

.XL
Size: 4KB - Virtual size: 393KB

.YO
Size: 1024B - Virtual size: 51KB

.dMhq
Size: 84KB - Virtual size: 156KB

.YLEr
Size: 2KB - Virtual size: 512KB

.data
Size: 6KB - Virtual size: 105KB

.KCbunK
Size: 1024B - Virtual size: 107KB

.fkwK
Size: 135KB - Virtual size: 147KB

.rsrc
Size: 2KB - Virtual size: 1KB