Static task
static1
Behavioral task
behavioral1
Sample
d9f2ea74bcd1079d409a8555c167b307_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d9f2ea74bcd1079d409a8555c167b307_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
d9f2ea74bcd1079d409a8555c167b307_JaffaCakes118
Size
258KB
MD5
d9f2ea74bcd1079d409a8555c167b307
SHA1
f1e09ee44ec621f860b40bbe62ebf50fd32df1fe
SHA256
34dcf6229704606da4d7ee9c4fb937292ad3e6c66ec687f328358a9e72bea6f9
SHA512
06232caf8db25deec313411d168c1f566e863ab83c631e8d2612350968850344055b0e0f78f537872cb976c593a7e9c0975b36e6baca9943e3e0612be61ae8a6
SSDEEP
6144:7xFVNf8H0IJAFWFy0hhM5rgSqZykE4HG11yd:7xFDElJwovhC50rEIm1cd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d9f2ea74bcd1079d409a8555c167b307_JaffaCakes118
Files
d9f2ea74bcd1079d409a8555c167b307_JaffaCakes118.exe windows:3 windows x86 arch:x86
5cd704c5bb918b60628e85eca7876886
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
ole32
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
user32
GetPropW
GetDesktopWindow
SetWindowsHookExW
GetSystemMetrics
InflateRect
CallWindowProcW
GetMessageW
GetDoubleClickTime
GetMonitorInfoW
SetWindowLongW
GetDC
CallNextHookEx
UpdateLayeredWindow
IsWindow
IntersectRect
DestroyIcon
RegisterDeviceNotificationW
LoadStringW
hid
HidD_GetAttributes
HidP_GetUsageValue
HidD_GetHidGuid
HidP_GetSpecificValueCaps
HidP_MaxUsageListLength
HidD_GetProductString
HidP_GetSpecificButtonCaps
HidP_GetCaps
advapi32
RegOpenKeyExW
RegSetValueW
GetLengthSid
RegQueryValueExA
SetSecurityDescriptorOwner
RegOpenKeyW
SetSecurityDescriptorDacl
RegOpenKeyExA
RegCreateKeyW
RegCreateKeyExW
kernel32
GetSystemDirectoryW
GetProcAddress
SetThreadExecutionState
SetProcessShutdownParameters
GetProcessHeap
GlobalDeleteAtom
SetProcessShutdownParameters
HeapFree
GetLastError
CreateMutexW
DeleteCriticalSection
WaitForSingleObject
CreateFileW
GetCommandLineW
CreateEventW
FlushInstructionCache
CompareStringW
VirtualAlloc
ResetEvent
GetCurrentProcess
HeapAlloc
GetTickCount
CloseHandle
MapViewOfFile
QueueUserAPC
GetStdHandle
VirtualFree
lstrcpyW
UnmapViewOfFile
InitializeCriticalSectionAndSpinCount
lstrlenW
GetCurrentThread
CreateFileMappingW
SetEvent
GetOverlappedResult
msvcrt
_beginthreadex
_except_handler3
fputws
_controlfp
??1type_info@@UAE@XZ
?terminate@@YAXXZ
malloc
_wcsicmp
wcsstr
_CIpow
__set_app_type
wcslen
_wcmdln
_itow
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiOpenDevRegKey
atl
ord16
gdi32
CreateCompatibleBitmap
DeleteDC
DeleteObject
GetDeviceCaps
Sections
.text Size: 217KB - Virtual size: 217KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 560KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ