bce8733c8e4aae4e5ccb4a2353fed8c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bce8733c8e4aae4e5ccb4a2353fed8c5_JaffaCakes118
Size

442KB
MD5

bce8733c8e4aae4e5ccb4a2353fed8c5
SHA1

8f0f7e4b52a55d7daee2fb2199efa94426a485ae
SHA256

eeb0fe624f49475cf4badc3cd0c2e03010961fd551404fd48bef7ba98d6d5520
SHA512

d4aa169dc5ae1c856fb61a51f669bb0aaad01ba3d1b29610560e5aa969eb679b3988d1ab3a58051cf1b737d39d378b27e73ba44f4a865b13a2682c239b1a13b5
SSDEEP

12288:ZaHJK6mtjs2QcPAReWYWKnvaqkU5dpcZrp:ZapK6Ij8qJXva2di/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bce8733c8e4aae4e5ccb4a2353fed8c5_JaffaCakes118

Files

bce8733c8e4aae4e5ccb4a2353fed8c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc767c3b2c56562a750042271c1fee86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ScreenToClient
EqualRect
GetWindowDC
PtInRect
TabbedTextOutW
GetDlgCtrlID
DeferWindowPos
AppendMenuW
LoadCursorW
RegisterWindowMessageW
GrayStringW
GetWindowTextW
PostMessageW
SetTimer
EndDialog

gdi32

CreatePen
SetViewportOrgEx
SetStretchBltMode
SetTextCharacterExtra
MoveToEx
SaveDC
PatBlt
SetMapperFlags
SelectObject
GetPixel
CreateSolidBrush
SetMapMode
SetBkMode
ArcTo
ModifyWorldTransform
GetDeviceCaps
IntersectClipRect
PlayMetaFileRecord
SetColorAdjustment
ExtCreatePen
SetRectRgn
SetWindowExtEx
SetGraphicsMode
CreateRectRgn
GetClipRgn
GetTextExtentPoint32W
CreateRectRgnIndirect
PolyDraw
RectVisible
CombineRgn
GetClipBox
ExtSelectClipRgn
GetStockObject
PlayMetaFile
SetBkColor
GetObjectW
ExcludeClipRect
CopyMetaFileW
PtVisible
CreateFontIndirectW
DeleteDC
StartDocW
OffsetWindowOrgEx
ExtTextOutW
SelectClipPath
DeleteObject
SetViewportExtEx
EnumMetaFile
DPtoLP
BitBlt
OffsetViewportOrgEx
RestoreDC
GetDCOrgEx
TextOutW
SetArcDirection
SelectPalette
ScaleWindowExtEx
SetWindowOrgEx
GetCurrentPositionEx
SetROP2
SetTextColor
SetPolyFillMode
Escape
OffsetClipRgn
SetWorldTransform
GetObjectType
CreateHatchBrush
SetTextAlign
CreateCompatibleDC
GetMapMode
SetTextJustification
CreatePatternBrush
GetViewportExtEx
CreateDCW
ScaleViewportExtEx
CreateDIBPatternBrushPt
CreateBitmap
LineTo
PolyBezierTo
GetTextMetricsW
SelectClipRgn
PolylineTo
GetWindowExtEx

kernel32

VirtualAlloc
CreateEventW
SetFileAttributesW
GetFullPathNameW
GetStringTypeExW
WaitForSingleObject
GlobalFindAtomW
GlobalHandle
GetLastError
GlobalReAlloc
LoadResource
GetCurrentProcessId

winhttp

DllGetClassObject

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathFindFileNameW
PathRemoveExtensionW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

shell32

ExtractIconW
Shell_NotifyIconW

advapi32

EqualSid
CryptEncrypt
RegSetValueExA
GetSidSubAuthorityCount
GetTokenInformation
RegConnectRegistryW
RegNotifyChangeKeyValue
SetSecurityDescriptorDacl
OpenThreadToken
StartServiceA
ControlService
RegEnumKeyExA
CryptGetProvParam
UnlockServiceDatabase
SystemFunction041
CryptSetHashParam
InitializeAcl
GetLengthSid
LockServiceDatabase
RegGetKeySecurity
RegEnumKeyA
OpenSCManagerW
CryptDestroyHash
QueryServiceStatus
CopySid
GetUserNameW
RegSetKeySecurity
GetAce
CryptReleaseContext
OpenServiceW
GetSidSubAuthority
RegQueryValueExA
CryptAcquireContextA
SetSecurityDescriptorGroup
CryptSetProviderA
RegQueryInfoKeyW
GetSecurityDescriptorDacl
CryptGenRandom
CryptSetProvParam
CryptGenKey
RegQueryValueExW
CryptGetHashParam
AddAccessAllowedAce
RegCreateKeyExA
WmiQuerySingleInstanceA
LookupPrivilegeValueA
AllocateAndInitializeSid
RegSetValueExW
OpenProcessToken
RegDeleteValueA
IsValidSid
CryptImportKey
CryptDeriveKey
RegDeleteKeyA
RegDeleteValueW
FreeSid
CryptSignHashA
RegOpenKeyExA
CryptCreateHash
GetUserNameA
GetSecurityDescriptorOwner
InitializeSecurityDescriptor
CryptDecrypt
QueryServiceConfigA
CryptGetDefaultProviderW
AdjustTokenPrivileges
RegQueryInfoKeyA
CryptSetKeyParam
RegDeleteKeyW
RegEnumValueW
CryptHashData
StartServiceW
GetSidIdentifierAuthority
RegEnumValueA
SetSecurityDescriptorSacl
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
CloseServiceHandle
SetSecurityDescriptorOwner
RegConnectRegistryA
CryptGetUserKey
CryptVerifySignatureA
CryptDestroyKey
CryptExportKey
CryptGetKeyParam

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc767c3b2c56562a750042271c1fee86

Headers

File Characteristics

Imports

user32

gdi32

kernel32

winhttp

oleacc

shlwapi

shell32

advapi32

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 20KB - Virtual size: 412KB

.rdata Size: 356KB - Virtual size: 355KB

.rsrc Size: 33KB - Virtual size: 33KB

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 20KB - Virtual size: 412KB

.rdata
Size: 356KB - Virtual size: 355KB

.rsrc
Size: 33KB - Virtual size: 33KB