d72c6f3dd975290eaa7fac6bb3632419_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d72c6f3dd975290eaa7fac6bb3632419_JaffaCakes118
Size

322KB
MD5

d72c6f3dd975290eaa7fac6bb3632419
SHA1

1e0ad36eeae9525fe36c671d9f956fbc435d2f64
SHA256

42390dbc3ff4f4e90e09717bbd96913a6634696f595ce319a180409cda391109
SHA512

60ef64952cb8d9ecd836b3090dbd36c135ab026596dd4afa38adb9ec267a383a947e6976921876f3b2e1418ba7cba04c6c082bfb551405e960258a07b15bdb25
SSDEEP

6144:MMuSAnHqWpV1blqYZb1Nu1oHvMHJgsIDWlnZpPNGmx2ZDL3kLEqRo:bXAbPmnISx2ZH3Zq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d72c6f3dd975290eaa7fac6bb3632419_JaffaCakes118

Files

d72c6f3dd975290eaa7fac6bb3632419_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43ece1cff369e81fac6bd1a506e87fa4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryMultipleValuesW
CryptEncrypt
CryptHashData
StartServiceW
GetUserNameA
RegSetValueExA
RegLoadKeyW
CryptVerifySignatureA
RegQueryInfoKeyA
InitializeSecurityDescriptor
CryptDuplicateHash
LogonUserA
LookupPrivilegeNameW
RegEnumValueA
RegCreateKeyW
RegNotifyChangeKeyValue
LookupPrivilegeValueA
CryptGetDefaultProviderW
CryptEnumProvidersW
RegCreateKeyExW
CryptDuplicateKey
CryptImportKey
RegQueryValueA
LogonUserW
RegFlushKey
RegDeleteValueA
CryptAcquireContextW
RegQueryValueW
LookupSecurityDescriptorPartsW
CryptExportKey
RegQueryInfoKeyW
LookupAccountNameW
RegDeleteValueW
LookupAccountSidW
LookupPrivilegeValueW
AbortSystemShutdownA
RegCreateKeyA
CryptSetProvParam
LookupAccountNameA
CreateServiceA
RegOpenKeyExW
RegQueryValueExA
CryptEnumProviderTypesW
RevertToSelf
CryptVerifySignatureW
RegSaveKeyW
CryptAcquireContextA
CryptSetHashParam
RegSetValueW
CryptSetProviderW
CryptContextAddRef
LookupAccountSidA
InitiateSystemShutdownW
CryptSetProviderExA
CryptGenKey
RegConnectRegistryA
RegCreateKeyExA
LookupPrivilegeDisplayNameA
RegSetKeySecurity
RegCloseKey
CryptHashSessionKey
RegEnumValueW
LookupSecurityDescriptorPartsA
CryptDeriveKey
StartServiceA
AbortSystemShutdownW
CryptGetHashParam
CryptDecrypt
LookupPrivilegeDisplayNameW
LookupPrivilegeNameA
InitiateSystemShutdownA
CryptGetProvParam
RegDeleteKeyW
RegDeleteKeyA
CryptGenRandom
CryptGetUserKey
RegEnumKeyExW
RegLoadKeyA

wsock32

gethostbyaddr
ord1111
WSASetBlockingHook
WSAGetLastError
ord1110
WSAAsyncGetProtoByName
WSASetLastError
WSACancelBlockingCall
WSAIsBlocking
__WSAFDIsSet
ord1116
inet_addr
htons
ord1142
socket
inet_ntoa

user32

ChangeClipboardChain
CallWindowProcA
GetKeyboardState
EnumWindowStationsA
OpenDesktopW
wvsprintfW
EnumDisplayMonitors
ModifyMenuW
CallNextHookEx
DrawFrame
LoadImageW
LoadAcceleratorsA
CharPrevW
DdeCreateDataHandle
EnumThreadWindows
DdeUnaccessData
SetMenuItemInfoA
SetMenuItemBitmaps
InsertMenuW
RegisterClipboardFormatW
MapVirtualKeyA
CreateWindowStationA
CopyAcceleratorTableW
EnumPropsW
ModifyMenuA
TrackMouseEvent
SendMessageTimeoutA
TranslateAccelerator
GetWindowTextLengthW
MapDialogRect
CopyAcceleratorTableA
DdeConnect
ToAsciiEx
CheckRadioButton
ShowWindowAsync
GetClipboardFormatNameA
RedrawWindow
MessageBoxIndirectA
LoadKeyboardLayoutA
PaintDesktop
InternalGetWindowText
RegisterClassExA
SetMessageQueue
CheckMenuRadioItem
MapVirtualKeyExW
GetActiveWindow
GetInputDesktop
SwapMouseButton
DdeCmpStringHandles
LoadImageA
LoadMenuIndirectA
InsertMenuA
GetKeyNameTextW
SystemParametersInfoA
GetClassInfoExA
HideCaret
GetWindowModuleFileNameA
GetMenuState
SetWindowsHookA
OemToCharBuffW
MapVirtualKeyExA
LoadAcceleratorsW
GetMonitorInfoA
SendInput
CreateIconIndirect
GrayStringW
SetCursor
SetWindowRgn

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

43ece1cff369e81fac6bd1a506e87fa4

Headers

File Characteristics

Imports

advapi32

wsock32

user32

Sections

.text Size: 148KB - Virtual size: 148KB

.data Size: 173KB - Virtual size: 172KB

.text
Size: 148KB - Virtual size: 148KB

.data
Size: 173KB - Virtual size: 172KB