b1b9c8accaf20f3d81dcdaf596c37a3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b1b9c8accaf20f3d81dcdaf596c37a3f_JaffaCakes118
Size

52KB
MD5

b1b9c8accaf20f3d81dcdaf596c37a3f
SHA1

4eba9759c0c7c042754d6cc38656c4b894de9a60
SHA256

a728454d944ae9a2967c6798c5cfb5e5e9e0ed8a7e00bd0af803b133039c8fbd
SHA512

4b2aac0f318cb0d6327ae8927fc673ba4ec285326e60fa25ccb4b358fc229e147ebab790d1fd4e1f8b1d3488c63ce8c7d0494d67a54da4949448254d321d1b3d
SSDEEP

1536:AmvrnfOfaaLjwPeQyRNzCQM+KlPBK/9zOfBENNELY:tjWNkWQyRNWQ6P0/9qfYE8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1b9c8accaf20f3d81dcdaf596c37a3f_JaffaCakes118

Files

b1b9c8accaf20f3d81dcdaf596c37a3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c4c7af5ae4ca91e4e0ef11c902b1a45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenInfFileA
SetupInstallFromInfSectionA
SetupInstallServicesFromInfSectionA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

kernel32

WaitForSingleObject
RemoveDirectoryA
GetCurrentDirectoryA
GetWindowsDirectoryA
SetEvent
OpenEventA
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
RaiseException
InitializeCriticalSection
GetVersion
lstrcmpiA
lstrlenW
lstrcmpiW
lstrlenA
GetEnvironmentVariableA
GetEnvironmentVariableW
GetCurrentProcess
GetCurrentThread
GetTickCount
GetSystemDirectoryA
LoadResource
CreateMutexA
LoadLibraryW
LocalFree
GetLocalTime
GetCurrentProcessId
GetCurrentThreadId
GetLocaleInfoW
IsValidCodePage
IsValidLocale
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
IsBadCodePtr
IsBadReadPtr
Sleep
LoadLibraryA
FreeLibrary
GetLastError
GetModuleHandleA
GetModuleFileNameA
IsBadWritePtr
SetUnhandledExceptionFilter
GetStartupInfoA
GetTempPathA
GetProcessHeap
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
ExitProcess
GetFileAttributesA
GetSystemInfo
GetOEMCP
GetCPInfo
TlsAlloc
QueryPerformanceCounter
FatalAppExitA
HeapCreate
lstrcmpA
GetProcAddress

user32

FindWindowA
wsprintfA
PostMessageA
GetSystemMetrics
MessageBoxA
UnregisterClassA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
RegisterWindowMessageA

advapi32

RegFlushKey
RegCreateKeyExA
ImpersonateSelf
RevertToSelf
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
StartServiceA
ControlService
DeleteService
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueExA
OpenSCManagerA
CloseServiceHandle
OpenServiceA
QueryServiceStatus
RegQueryInfoKeyA

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

serialui

drvCommConfigDialogA
drvGetDefaultCommConfigW
drvCommConfigDialogW
drvSetDefaultCommConfigA
drvSetDefaultCommConfigW
drvGetDefaultCommConfigA

kbdlt1

KbdLayerDescriptor

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UsuNF
Size: 1024B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pUXjU
Size: 5KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hVkpe
Size: 8KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yIAWaW
Size: 2KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kswLe
Size: 8KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c4c7af5ae4ca91e4e0ef11c902b1a45

Headers

File Characteristics

Imports

setupapi

psapi

kernel32

user32

advapi32

shell32

ole32

serialui

kbdlt1

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 16KB

.UsuNF Size: 1024B - Virtual size: 37KB

.pUXjU Size: 5KB - Virtual size: 81KB

.hVkpe Size: 8KB - Virtual size: 101KB

.yIAWaW Size: 2KB - Virtual size: 47KB

.data Size: 6KB - Virtual size: 50KB

.kswLe Size: 8KB - Virtual size: 100KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 16KB

.UsuNF
Size: 1024B - Virtual size: 37KB

.pUXjU
Size: 5KB - Virtual size: 81KB

.hVkpe
Size: 8KB - Virtual size: 101KB

.yIAWaW
Size: 2KB - Virtual size: 47KB

.data
Size: 6KB - Virtual size: 50KB

.kswLe
Size: 8KB - Virtual size: 100KB

.rsrc
Size: 2KB - Virtual size: 1KB