Static task
static1
Behavioral task
behavioral1
Sample
d4d161764c5a581085e1f8cbcbd50897_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d4d161764c5a581085e1f8cbcbd50897_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
d4d161764c5a581085e1f8cbcbd50897_JaffaCakes118
Size
180KB
MD5
d4d161764c5a581085e1f8cbcbd50897
SHA1
79e2b957383b1992b5cdf9532a863126d00184ea
SHA256
aa25f5f6fbc4f05b45e9d91629475d92ca3b0f18b79eb60207ea31e78fe330f3
SHA512
f7a04cd99bbe1a28c11c1a43a769a0a0370b2afdd292108f0a403e959c25719275b943b53ffdce6c7f35bb379fcca476557e88b050255debe786e0768d9b473a
SSDEEP
3072:jQ2WUFO82nVtlhem3MOv5HKqCigRKXIN20cbChkM8PclDyHc6DNDwkIUnSM:UqFO//2m3MOhHHgRlNybCd8P4DyHpNDw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d4d161764c5a581085e1f8cbcbd50897_JaffaCakes118
Files
d4d161764c5a581085e1f8cbcbd50897_JaffaCakes118.exe windows:1 windows x86 arch:x86
1965feeb7264bcbec1a2f463324b82b2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsProcessorFeaturePresent
VirtualAllocEx
GetFileAttributesExA
GetEnvironmentStringsA
DeleteTimerQueue
ReadConsoleOutputCharacterA
FindFirstFileExW
CreateEventA
GetCommandLineA
MoveFileWithProgressA
WaitForSingleObject
GetCPInfo
GetComputerNameA
GetVersionExA
LZCopy
GetConsoleKeyboardLayoutNameA
GetConsoleWindow
GetDllDirectoryA
QueryDosDeviceA
Process32Next
FileTimeToDosDateTime
SetConsoleCtrlHandler
FindFirstVolumeMountPointA
ChangeTimerQueueTimer
GetDiskFreeSpaceExA
TerminateThread
IsValidCodePage
OpenWaitableTimerA
GlobalSize
GetLastError
GetDevicePowerState
GetSystemWindowsDirectoryA
GetConsoleCursorInfo
GetConsoleHardwareState
GetEnvironmentVariableA
PulseEvent
IsBadStringPtrA
GetModuleFileNameA
SetHandleInformation
EnumSystemLocalesA
SetTapeParameters
GetConsoleCommandHistoryLengthW
GetVersionExA
SetProcessPriorityBoost
GlobalFindAtomA
WriteConsoleOutputCharacterA
GetProcessWorkingSetSize
GetCommModemStatus
GetPrivateProfileStructA
GetDllDirectoryA
SetFilePointer
OpenJobObjectA
BuildCommDCBAndTimeoutsW
GetNamedPipeInfo
CreateWaitableTimerA
CreateNamedPipeA
OpenSemaphoreA
ExpandEnvironmentStringsA
GetProcessTimes
GetCommandLineA
CommConfigDialogA
CopyFileExA
GetPriorityClass
LCMapStringA
OutputDebugStringA
EndUpdateResourceA
GetUserDefaultUILanguage
GetConsoleOutputCP
IsSystemResumeAutomatic
ReadConsoleInputA
SetFileAttributesA
GetFileAttributesA
GetCurrentThreadId
UnlockFile
user32
PostThreadMessageA
DestroyCursor
UnhookWindowsHookEx
IsCharUpperA
BringWindowToTop
DefWindowProcA
GetRawInputBuffer
DefDlgProcA
TabbedTextOutA
GetSubMenu
LockWindowUpdate
OemToCharBuffA
GetKeyboardState
UnhookWindowsHookEx
SetMessageExtraInfo
PostThreadMessageA
EnumThreadWindows
TabbedTextOutA
GetTabbedTextExtentA
GetClipboardFormatNameA
PeekMessageA
DragObject
MonitorFromPoint
CallMsgFilter
IsDlgButtonChecked
FreeDDElParam
IsCharAlphaA
CreateMenu
IsCharLowerA
CreateIcon
ScrollChildren
DispatchMessageA
SendInput
TrackPopupMenuEx
IsCharAlphaA
MenuWindowProcA
SetWindowsHookExW
MessageBoxExA
GetDlgItem
RegisterServicesProcess
DrawStateA
RegisterMessagePumpHook
GetMessageTime
IsCharAlphaNumericW
GetThreadDesktop
MessageBoxExA
ShowScrollBar
PostMessageA
CharLowerBuffA
GetKeyNameTextA
SetProgmanWindow
CharUpperBuffA
MessageBoxIndirectA
ModifyMenuA
SetWindowStationUser
ScreenToClient
UnhookWinEvent
CheckMenuItem
EnumWindows
SetDlgItemInt
CallMsgFilter
advapi32
AddAccessDeniedObjectAce
Sections
.text Size: 142KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ