b34c50390fbc3cc146c1361e2e99ca71_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b34c50390fbc3cc146c1361e2e99ca71_JaffaCakes118
Size

402KB
MD5

b34c50390fbc3cc146c1361e2e99ca71
SHA1

84cae62f3c95a1c3d9bb75dc6436d5f558d97a45
SHA256

6b2a115f7d94246f10680c6014b27b3515c49e2569995d93b59059cdd1d6053f
SHA512

fec218222c86e1930edaa19a1271a1f400e6baeb0a630585af8e46cc815761bf5b5ce444682a6a6c800968275eab3d2e08a029156db62d48abce1aca6af4a145
SSDEEP

6144:Pqay64E392+J46EmuBJLmVEhhMc/IifaqhlPLvat93mLjdpMezPlAFceXnWEkq4u:PJEmkLsEhbhFlzvacdpFRAFcG/4ceE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b34c50390fbc3cc146c1361e2e99ca71_JaffaCakes118

Files

b34c50390fbc3cc146c1361e2e99ca71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0129d5655e5f9273318253ca1a527587

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegQueryValueW
RegQueryValueExW
RegQueryValueExA
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyA
RegCloseKey

shlwapi

StrCatBuffW

msi

MsiDatabaseExportW

gdi32

SetBrushOrgEx
Polygon
GetBkMode
SetStretchBltMode
SetViewportOrgEx
BitBlt
GetDeviceCaps
Polyline
IntersectClipRect
CreateSolidBrush
GetBkColor
SetTextColor
MoveToEx
Rectangle
GetBrushOrgEx
OffsetViewportOrgEx
CreatePen
GetStretchBltMode
SetBkColor
DeleteDC
GetTextColor
CreateCompatibleDC
DeleteObject
GetStockObject
CreateCompatibleBitmap
SelectObject
RestoreDC
SaveDC
CreateFontIndirectW
CreateDIBSection
LineTo
ExcludeClipRect
DPtoLP
SetBkMode
GetCurrentObject
StretchBlt
LPtoDP
GetObjectW

user32

PtInRect
ClientToScreen
PostMessageW
WindowFromPoint
GetWindowRect
GetWindow
GetDesktopWindow
KillTimer
GetWindowDC
GetMessageW
GetParent
IsWindow
SetParent
GetClientRect
EnumChildWindows
EndPaint
GetDoubleClickTime
ValidateRect
CreateWindowExW
DrawIcon
DefWindowProcW
CallMsgFilterW
SetFocus
InvalidateRect
ReleaseDC
GetCursorPos
SetTimer
FillRect
RegisterClassExW
GetSystemMetrics
GetDC
TranslateMessage
GetIconInfo
LoadImageW
GetUpdateRect
SendMessageW
UnregisterClassW
DestroyWindow
LoadCursorW
ReleaseCapture
MoveWindow
DrawTextW
LoadStringW
SetWindowPos
ShowWindow
ClipCursor
ScreenToClient
SetCapture
DispatchMessageW
InflateRect
IsWindowVisible
BeginPaint
SetPropW
GetPropW
PostQuitMessage
OffsetRect
wsprintfW

cfgmgr32

CM_Move_DevNode
CM_Get_Version_Ex

dinput8

DirectInput8Create

ole32

StringFromCLSID
CoTaskMemFree

kernel32

FileTimeToSystemTime
SetHandleCount
GetStringTypeA
VirtualAlloc
RaiseException
GetFileType
GetCommandLineA
GetSystemInfo
CreateFileMappingA
GetTickCount
GetEnvironmentStrings
ExitProcess
FlushFileBuffers
LoadLibraryA
VirtualFree

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0129d5655e5f9273318253ca1a527587

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shlwapi

msi

gdi32

user32

cfgmgr32

dinput8

ole32

kernel32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 167KB - Virtual size: 166KB

.reloc Size: 512B - Virtual size: 32B

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 32KB - Virtual size: 31KB

.data Size: 57KB - Virtual size: 2.4MB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 167KB - Virtual size: 166KB

.reloc
Size: 512B - Virtual size: 32B

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 32KB - Virtual size: 31KB

.data
Size: 57KB - Virtual size: 2.4MB