Static task: static1
Behavioral task: behavioral1
Sample: ba20ca2d0a7e7f85fcad70a08bdf4719_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: ba20ca2d0a7e7f85fcad70a08bdf4719_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ba20ca2d0a7e7f85fcad70a08bdf4719_JaffaCakes118
Size: 863KB
MD5: ba20ca2d0a7e7f85fcad70a08bdf4719
SHA1: 850be6b42908af9bd03ebfede97bae53d9c411bf
SHA256: c1a2fed599070f5e51df508f43d2f92767f0fb7dfed9c4e2f5f37494650fcbf5
SHA512: e7c3a2fac714a0ec025a6c49bbaa8de572463a3e4c6255e582305474f283808a95df5f8b7c33ca5f2a30367c274150df736d54524c8bd83bcb3e0c688b24134c
SSDEEP: 24576:V4nivhKVirUz2Rj07bAhVOFtUIiUPjxEE6uR/I+fPPxDl:Vi6m4UYUtJdquRRP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba20ca2d0a7e7f85fcad70a08bdf4719_JaffaCakes118
Files
ba20ca2d0a7e7f85fcad70a08bdf4719_JaffaCakes118.exe windows:4 windows x86 arch:x86
c2d153efbc3612f7d0325363db7b495d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
IsDialogMessage
DdeClientTransaction
UpdateWindow
DdeEnableCallback
GetLastActivePopup
SendMessageTimeoutA
MsgWaitForMultipleObjects
OemToCharA
MessageBoxA
RegisterWindowMessageA
ChildWindowFromPointEx
SetMenuDefaultItem
LoadIconA
UnpackDDElParam
ToUnicodeEx
IMPGetIMEA
DefMDIChildProcA
SetWindowRgn
ExcludeUpdateRgn
DdeGetLastError
SetMessageExtraInfo
CreateAcceleratorTableA
RemovePropA
IsCharLowerA
GetClipboardFormatNameA
TileWindows
DestroyMenu
LoadAcceleratorsA
GetMenuCheckMarkDimensions
SetKeyboardState
GetMenuState
GetDoubleClickTime
GetComboBoxInfo
GetWindowWord
DdeUnaccessData
IsMenu
EnumClipboardFormats
DlgDirSelectExA
GetWindowRect
AlignRects
CharNextExA
SetDebugErrorLevel
ShowCursor
DdeNameService
ChangeMenuA
GetUserObjectSecurity
LoadMenuIndirectA
EndMenu
ShowWindowAsync
LookupIconIdFromDirectory
RedrawWindow
CreateWindowExA
DestroyAcceleratorTable
PostQuitMessage
MapVirtualKeyExA
advapi32
GetTrusteeTypeA
PrivilegeCheck
RevertToSelf
AllocateAndInitializeSid
OpenEventLogA
CryptGetKeyParam
EnumDependentServicesA
GetNumberOfEventLogRecords
GetExplicitEntriesFromAclA
ChangeServiceConfigA
RegConnectRegistryA
CryptSignHashA
GetSidSubAuthority
GetSecurityDescriptorControl
QueryServiceObjectSecurity
CryptEncrypt
CryptContextAddRef
GetServiceDisplayNameA
RegQueryValueA
CopySid
AccessCheck
CryptHashSessionKey
GetAclInformation
RegUnLoadKeyA
ControlService
BackupEventLogA
DeregisterEventSource
IsTextUnicode
CryptSetKeyParam
RegOpenKeyA
GetSecurityDescriptorOwner
BuildSecurityDescriptorA
CryptDestroyHash
RegFlushKey
AddAce
Sections
.jkd Size: 638KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xixi Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxybm Size: 19KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xup Size: 512B - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pwxul Size: 6KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cvw Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.fqv Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xgtq Size: 48KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.crotg Size: 125KB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ