d6ced7efb5d23b2077160421d2148b79_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6ced7efb5d23b2077160421d2148b79_JaffaCakes118
Size

214KB
MD5

d6ced7efb5d23b2077160421d2148b79
SHA1

78fbda89725efadc98aa99dbaa5514a7493e4d55
SHA256

bb2bfc767c2d1fc98536a6726285da188b9752fe507058ee80b4df1870dee1cf
SHA512

d4ff0cb26bc96e96b60db9cb7d9b66b0c70a4bf4c0def668ff9d53728ecb3f7d699882e5cef3779cdf099ea37b37d4623e31081fa49237083b03359d93eacb12
SSDEEP

3072:Z1vOJbD+45T0hv/BrWaCzIqMs5XcYJIFjoTsPU7ACyFTqbdWhW+a6gfLwxC:fWhDr0Z/Br3YIKV0ULs5FIr+a6gf1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6ced7efb5d23b2077160421d2148b79_JaffaCakes118

Files

d6ced7efb5d23b2077160421d2148b79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f749c72922366816303befed96a738c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

Arc
ArcTo
CreateCompatibleBitmap
CreateDIBSection
CreateHalftonePalette
CreateMetaFileW
CreatePatternBrush
CreatePen
DeleteEnhMetaFile
EnumFontFamiliesA
GetBitmapBits
GetBkColor
GetCharWidthW
GetDeviceCaps
GetMetaFileBitsEx
GetPixel
GetRegionData
GetStretchBltMode
GetTextExtentPointW
GetTextFaceA
PlayMetaFileRecord
SetDIBColorTable
SetGraphicsMode
SetMetaFileBitsEx
SetPixel

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
CryptDestroyHash
CryptHashData
DeleteService
EqualSid
GetLengthSid
GetUserNameA
OpenProcessToken
OpenServiceW
OpenThreadToken
RegCreateKeyExA
RegEnumKeyW
RegFlushKey
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
SetSecurityDescriptorDacl

shell32

DragAcceptFiles
ExtractIconExA
ExtractIconExW
SHGetDiskFreeSpaceExW
SHGetFileInfo
ShellExecuteA

kernel32

CreateFileW
DeleteFileW
FindNextFileA
FindNextFileW
FindResourceW
GetEnvironmentVariableA
GetExitCodeProcess
GetFileSize
GetStringTypeA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetVersionExA
LocalAlloc
LockResource
MulDiv
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
RtlUnwind
SetStdHandle
TlsGetValue
UnmapViewOfFile
VirtualFree
lstrlenW

comctl32

CreatePropertySheetPageA
CreateToolbarEx
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Read
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetOverlayImage
PropertySheetA

user32

CharLowerA
DrawMenuBar
FrameRect
GetDesktopWindow
GetIconInfo
GetWindowPlacement
KillTimer
ScrollWindow
SetWindowsHookExA
TranslateMessage

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Cn4WXcGl
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4f749c72922366816303befed96a738c

Headers

File Characteristics

Imports

gdi32

advapi32

shell32

kernel32

comctl32

user32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

Cn4WXcGl Size: 2KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

Cn4WXcGl
Size: 2KB - Virtual size: 120KB