bf6629808c6cf8f8e520e5c516e2de50_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf6629808c6cf8f8e520e5c516e2de50_JaffaCakes118
Size

281KB
MD5

bf6629808c6cf8f8e520e5c516e2de50
SHA1

c0affd2d82a577e12abfb51a3959ce5f19d18621
SHA256

2a8cf03a28269bdf21cf59d6b7e7012519b71ad401f2109ca6be0f1498a6f9af
SHA512

6c13be8993ab3b8d7cd3f884e1f12fd7d79d6a96e53c126bbcbafd27e919c1399b24dc0234378550a0314465038e2d93e7d669e46d688e0138c31a891650ce0f
SSDEEP

6144:v54K+glIl7FgDEbElClyX8f6yocNy9HqKGCl4WT18s:v5agu+w4lCQRcNy9K4lh58s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf6629808c6cf8f8e520e5c516e2de50_JaffaCakes118

Files

bf6629808c6cf8f8e520e5c516e2de50_JaffaCakes118
.exe windows:0 windows x86 arch:x86

c50e10d12584da589c9ea42f687eede4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CallWindowProcW
SystemParametersInfoW
WindowFromPoint
GetThreadDesktop
ClientToScreen
EnumDisplayMonitors
SetWindowsHookExW
GetDoubleClickTime
GetSystemMetrics
IntersectRect
RegisterWindowMessageW
OpenDesktopW
PtInRect
MonitorFromPoint
MonitorFromWindow
EnumDisplaySettingsW
GetDesktopWindow
GetSysColorBrush
UpdateLayeredWindow
DestroyWindow
RegisterDeviceNotificationW
IsWindow
DispatchMessageW
ReleaseDC
GetUserObjectInformationW

msvcrt

??1type_info@@UAE@XZ
_wfopen
_except_handler3
__wgetmainargs
_exit
__set_app_type
_initterm
_purecall
wcstol
__p__commode
_CIpow
??2@YAPAXI@Z
_onexit
fclose
_XcptFilter
__p__fmode
_controlfp
wcscmp
free

hid

HidP_GetUsageValue
HidP_GetCaps
HidD_GetHidGuid
HidP_MaxUsageListLength
HidP_GetUsages
HidP_GetSpecificButtonCaps
HidD_GetProductString
HidD_FreePreparsedData

gdi32

DeleteDC
CreateCompatibleDC
DeleteObject
SelectObject

setupapi

SetupDiGetClassDevsExW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

atl

ord57
ord20
ord18
ord58
ord45
ord32
ord43
ord17

kernel32

ResetEvent
GetCommandLineW
CreateEventW
GetCurrentThread
WaitForMultipleObjectsEx
CreateFileW
FreeLibrary
VerifyVersionInfoW
GetTickCount
VirtualFree
InterlockedIncrement
SetThreadPriority
SetThreadExecutionState
SetPriorityClass
GetProcessWorkingSetSize
GetOverlappedResult
VirtualAlloc
WaitForSingleObject
MapViewOfFile
OpenProcess
UnmapViewOfFile
HeapFree
ReleaseMutex
GlobalDeleteAtom
QueryPerformanceFrequency
WaitForMultipleObjects
GetLastError
GetCurrentThreadId
DuplicateHandle
CloseHandle
InterlockedDecrement
CloseHandle
MulDiv
GetTickCount
GetProcAddress
CompareStringW
HeapAlloc
CreateWaitableTimerW

advapi32

RegQueryValueExW
RegCreateKeyExW
GetTokenInformation
SetSecurityDescriptorGroup
RegOpenKeyW
RegSetValueW
RegDeleteKeyW
CopySid
SetSecurityDescriptorOwner
GetLengthSid
OpenProcessToken

ole32

CoInitializeSecurity
CoTaskMemFree

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c50e10d12584da589c9ea42f687eede4

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

hid

gdi32

setupapi

atl

kernel32

advapi32

ole32

Sections

.text Size: 180KB - Virtual size: 180KB

.data Size: 67KB - Virtual size: 66KB

.rsrc Size: 33KB - Virtual size: 556KB

.text
Size: 180KB - Virtual size: 180KB

.data
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 33KB - Virtual size: 556KB