b4ce191cf495d8adf8f5f5a5bef46b79_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4ce191cf495d8adf8f5f5a5bef46b79_JaffaCakes118
Size

233KB
MD5

b4ce191cf495d8adf8f5f5a5bef46b79
SHA1

388d7812dcfc5ff60209fd5a62b472049e0697bc
SHA256

b1e215d32ac5b0464979508b2fb02cacee42436d76af92295f6f5857a9c3e736
SHA512

e610106c5e6edb7e2b4bd8517b4b6f803b9ad475a5a12c71ff32bac84d4d4204d71f628a5f8d5756a7613b255dd43c6190bdc82b0773e83cbda94584fed3b822
SSDEEP

3072:aSTWxH97OvamT8TKC838fFGlBx9Om+gmRcbXNKCbX0TnohT0kPOw/hzPbVSXjGvS:/yromeH96g+cbXFkUhZOopZMjGvdmh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4ce191cf495d8adf8f5f5a5bef46b79_JaffaCakes118

Files

b4ce191cf495d8adf8f5f5a5bef46b79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d107077ff4f70d1d4a45c22cb4d6f47a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConnectNamedPipe
GetExitCodeProcess
GetSystemDefaultLCID
GetModuleHandleW
OpenSemaphoreW
GetProcAddress
HeapCreate
CreateMailslotW
GetExitCodeThread
GlobalAlloc
lstrcatW
CreateDirectoryA
GetVersionExA
GetVersion
LoadLibraryA
ExitProcess
GetProcessHeap
OpenFile
GetStartupInfoA
CopyFileA
GetTimeFormatA
GetProcessHeaps

user32

mouse_event
CreatePopupMenu
EnumDesktopsW
GetForegroundWindow
GetWindowTextLengthA
GetWindowRect
DialogBoxParamA
DrawIcon
UnregisterClassA
IsWindow
LoadIconW
WinHelpW
FrameRect
AnimateWindow

gdi32

GetObjectW
SetSystemPaletteUse
GetCharacterPlacementA
GetMapMode
CreateDIBSection
PtVisible
CreateDCW
GetBitmapDimensionEx
DPtoLP
EndPath

advapi32

RegCreateKeyExA
RegReplaceKeyW
RegCloseKey
RegQueryInfoKeyW
RegSaveKeyA
RegRestoreKeyA
RegQueryInfoKeyA
RegEnumValueA
RegFlushKey
RegOpenKeyA
RegQueryValueW
RegDeleteValueW

shlwapi

PathIsFileSpecA
PathStripToRootW
AssocQueryStringByKeyA
PathCanonicalizeW
StrChrIA
PathFindNextComponentW
StrTrimA
PathRelativePathToW

setupapi

CM_Register_Device_Driver
pSetupStringTableLookUpStringEx
SetupDiGetDeviceRegistryPropertyA
SetupQueueRenameSectionA
pSetupStringTableAddString
SetupGetInfFileListA
CM_Set_DevNode_Registry_Property_ExA
CM_Get_HW_Prof_FlagsW
SetupInstallFromInfSectionA
SetupDiGetDriverInfoDetailW
SetupDiGetClassImageList

wsock32

TransmitFile
EnumProtocolsW
recvfrom
GetServiceW
WSAGetLastError
WSAAsyncGetHostByAddr
s_perror
__WSAFDIsSet
inet_network
gethostname

Sections

.Ls
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DCDw
Size: 1024B - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FiiRm
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IyRtub
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Dx
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wNYq
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EGv
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xGs
Size: 5KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d107077ff4f70d1d4a45c22cb4d6f47a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

setupapi

wsock32

Sections

.Ls Size: 9KB - Virtual size: 8KB

.DCDw Size: 1024B - Virtual size: 458KB

.FiiRm Size: 86KB - Virtual size: 86KB

.IyRtub Size: 13KB - Virtual size: 13KB

.Dx Size: 3KB - Virtual size: 11KB

.wNYq Size: 3KB - Virtual size: 16KB

.EGv Size: 86KB - Virtual size: 86KB

.data Size: 16KB - Virtual size: 371KB

.xGs Size: 5KB - Virtual size: 151KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.Ls
Size: 9KB - Virtual size: 8KB

.DCDw
Size: 1024B - Virtual size: 458KB

.FiiRm
Size: 86KB - Virtual size: 86KB

.IyRtub
Size: 13KB - Virtual size: 13KB

.Dx
Size: 3KB - Virtual size: 11KB

.wNYq
Size: 3KB - Virtual size: 16KB

.EGv
Size: 86KB - Virtual size: 86KB

.data
Size: 16KB - Virtual size: 371KB

.xGs
Size: 5KB - Virtual size: 151KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B