d2fa66cf84961744ad74e934145fe554_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d2fa66cf84961744ad74e934145fe554_JaffaCakes118
Size

98KB
MD5

d2fa66cf84961744ad74e934145fe554
SHA1

c754e5c470be6a45e1a83027d6012df37f27bf1e
SHA256

56c9e431c2fc4ec18301ad53b1f3748f3ed3bf9027f47f70a58bd44c46c131be
SHA512

52ce90cf4e611cea039dfc4646a9b72e71ef12119aef13031223fcb39887015b2222d90b298f42d9cbea538613e205ecf331a0776b0673d62cd6dcbb2486313e
SSDEEP

3072:UtRMjNnbAEt1z8wMlHHZIpCu6OuWRAChKlsJ:QYlbAEkJHHKpCp7WRZh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2fa66cf84961744ad74e934145fe554_JaffaCakes118

Files

d2fa66cf84961744ad74e934145fe554_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b3c1d60d817929885e10be6a6a1d67bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInGetNumDevs
waveInGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetID
mixerGetDevCapsA
mixerClose

user32

TranslateMessage
TrackPopupMenu
SystemParametersInfoA
ShowWindow
SetForegroundWindow
SendMessageA
ReleaseDC
RegisterClassA
PostQuitMessage
PostMessageA
LoadStringA
LoadImageA
LoadIconA
LoadCursorA
InsertMenuItemA
GetWindow
GetSysColor
GetMessageA
GetMenuCheckMarkDimensions
GetDesktopWindow
GetDC
GetCursorPos
GetClassNameA
DispatchMessageA
DestroyMenu
DefWindowProcA
CreateWindowExA
CreatePopupMenu

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExA
RegSetKeySecurity
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
InitializeAcl
GetLengthSid
FreeSid
AllocateAndInitializeSid

setupapi

SetupDiSetClassInstallParamsA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller

kernel32

SetEvent
SearchPathA
RtlUnwind
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryA
LCMapStringA
HeapReAlloc
HeapFree
SetHandleCount
HeapCreate
HeapAlloc
GetVersionExA
GetVersion
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
HeapDestroy
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileType
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentProcess
GetCommandLineA
GetCPInfo
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
DeviceIoControl
ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetOEMCP

Sections

.text
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3c1d60d817929885e10be6a6a1d67bb

Headers

File Characteristics

Imports

winmm

user32

advapi32

setupapi

kernel32

Sections

.text Size: 85KB - Virtual size: 88KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.text
Size: 85KB - Virtual size: 88KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB