b215f4cf9625a45a20e8b2bfbe9de526_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b215f4cf9625a45a20e8b2bfbe9de526_JaffaCakes118
Size

275KB
MD5

b215f4cf9625a45a20e8b2bfbe9de526
SHA1

09cb281b80cc21c182ad87df65d94fbb7023df7c
SHA256

bad7e5e51e5870e1980a5254821f4efdcab45a64da40c2f6572209788ec2dd83
SHA512

ce19ec36b4a78d9650dabbe73a530fbe7b2076b084dce9041468727cda897efb8203e7fec00e4e0f98b6a010a4aeaabff1ead2cf537727096f1682a82a5f47dd
SSDEEP

6144:1XubZutHLtgX5CYoN2FlxlgObTDwS/T9tET2Eqh:1XubZeLt0oWlvgObwS/4za

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b215f4cf9625a45a20e8b2bfbe9de526_JaffaCakes118

Files

b215f4cf9625a45a20e8b2bfbe9de526_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d09f728611029b438616097a03d58bf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC

atl

ord43
ord44
ord45
ord32
ord20
ord30
ord17
ord16

msvcrt

_itow
__set_app_type
_exit
_vsnwprintf
malloc
_wfopen
fclose
exit
_CIpow
_purecall
_onexit
__wgetmainargs
wcsstr
_adjust_fdiv
_CxxThrowException
_cexit
??2@YAPAXI@Z
wcscmp
??1type_info@@UAE@XZ
??3@YAXPAX@Z
__setusermatherr
_XcptFilter

hid

HidP_GetUsageValue
HidD_GetPreparsedData
HidD_GetHidGuid
HidP_GetSpecificValueCaps

user32

SendInput
DestroyIcon
GetThreadDesktop
EnumDisplayMonitors
GetDC
IntersectRect
OpenInputDesktop
UpdateLayeredWindow
GetMessageW
SetWindowLongW
LoadImageW
GetClientRect
CreateWindowExW
InflateRect
FillRect
SetCursorPos
DestroyWindow
MonitorFromWindow
GetPropW
MonitorFromPoint
GetAncestor
CallNextHookEx
CloseDesktop
SystemParametersInfoW
ShowWindow
GetDesktopWindow
WindowFromPoint
GetSystemMetrics

advapi32

RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
SetSecurityDescriptorOwner
GetLengthSid
CopySid
OpenThreadToken
RegOpenKeyW
RegQueryValueExA
SetSecurityDescriptorGroup
RegDeleteKeyW
RegCreateKeyW
OpenProcessToken
RegSetValueExW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW

kernel32

MulDiv
VirtualAllocEx
GetTickCount
InitializeCriticalSectionAndSpinCount
SetThreadPriority
CancelWaitableTimer
GetTickCount
lstrcpyW
CompareStringW
LoadLibraryW
InterlockedDecrement
CloseHandle
GetCommandLineW
HeapAlloc
SetEvent
GetSystemDirectoryW
GlobalDeleteAtom
CreateMutexW
InitializeCriticalSection
HeapFree
SetPriorityClass
SetPriorityClass
CloseHandle
GlobalAddAtomW
OpenProcess
VirtualFree
QueryPerformanceCounter
DuplicateHandle
GetProcessShutdownParameters

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d09f728611029b438616097a03d58bf7

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

atl

msvcrt

hid

user32

advapi32

setupapi

kernel32

ole32

Sections

.text Size: 169KB - Virtual size: 169KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 28KB - Virtual size: 548KB

.text
Size: 169KB - Virtual size: 169KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 28KB - Virtual size: 548KB