baa99261d3001f5a9a8248bc4ab66423_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

baa99261d3001f5a9a8248bc4ab66423_JaffaCakes118
Size

64KB
MD5

baa99261d3001f5a9a8248bc4ab66423
SHA1

619904a313f7f384d94be8a9f3dc5a4c8f1e6498
SHA256

299218ae4189c4cc1a68b7d792b58d0a9631de2c61aa81413cf991b2c6b0b4eb
SHA512

cba5264d72da8b533293bcd54a60e76661f24b245e721dd062721d25cb1601d970a4c77eb4bd084f8e6cae955d3df3c8e418cbccdddb1ebfccbe9166c5f3665f
SSDEEP

1536:M5UnLhg0AcHtzqYekDW5VLUrS8BoBHv4knaAVPj9:M2LrUka2BoBHv4k5VP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
baa99261d3001f5a9a8248bc4ab66423_JaffaCakes118

Files

baa99261d3001f5a9a8248bc4ab66423_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9378a874b0ece18b7bc9ddc1cf0fb262

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowW
EnableScrollBar
DdeEnableCallback
GetCaretBlinkTime
AdjustWindowRect
GetUpdateRgn
CharToOemBuffW
GetIconInfo
CharLowerBuffW
FreeDDElParam
UnpackDDElParam
CreateWindowStationA
IsZoomed
GetWindowInfo
IsCharUpperW
EnumWindows
GetScrollRange
DeleteMenu
SetCaretBlinkTime
TabbedTextOutA
CreateDesktopW
RegisterDeviceNotificationW
CharLowerA
GetDCEx
EnumDisplayDevicesW
PaintDesktop
ModifyMenuA
CharPrevW

shlwapi

HashData
StrCpyNW
StrRChrIW
StrFromTimeIntervalW
UrlHashA
PathFindNextComponentA
UrlGetLocationA
StrCmpNA
PathIsDirectoryW
PathStripPathW
StrCmpIW
SHOpenRegStream2W
PathGetArgsW
SHRegEnumUSKeyW
PathRelativePathToW
StrRetToStrA
PathFindSuffixArrayW
SHDeleteValueW

ole32

CoGetPSClsid
CoInitializeSecurity
CoUnmarshalInterface
GetClassFile
ReadStringStream
RevokeDragDrop
CoRegisterClassObject
WriteStringStream
OleCreateFromDataEx
CreateAntiMoniker
CoRegisterPSClsid
UtGetDvtd32Info
OleTranslateAccelerator
OleCreateLinkToFile
CoInitializeWOW
CoResumeClassObjects
CoMarshalHresult
CoMarshalInterThreadInterfaceInStream
WriteClassStg

advapi32

LookupAccountSidW
OpenBackupEventLogA
GetSidIdentifierAuthority
BuildTrusteeWithSidW
LookupSecurityDescriptorPartsA
BuildTrusteeWithSidA
GetOldestEventLogRecord
ConvertSecurityDescriptorToAccessW
OpenThreadToken
CryptAcquireContextW
MakeAbsoluteSD
RegLoadKeyA
InitializeSecurityDescriptor
ObjectPrivilegeAuditAlarmW
InitializeAcl

kernel32

RequestWakeupLatency
FreeLibrary
FreeEnvironmentStringsW
GetCommandLineA
MapViewOfFileEx
GetTempPathA
GetProcessAffinityMask
MoveFileExA
GetShortPathNameW
VirtualAlloc
DefineDosDeviceA
LockFile
SetupComm
FreeEnvironmentStringsA
WriteConsoleOutputCharacterW
GlobalFix
GetComputerNameW
GlobalHandle
FindClose
EnumTimeFormatsA
GetPrivateProfileStringW
VirtualProtect
GetModuleHandleA

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9378a874b0ece18b7bc9ddc1cf0fb262

Headers

DLL Characteristics

File Characteristics

Imports

user32

shlwapi

ole32

advapi32

kernel32

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 20KB