da2aa10e91eda2c7998668c1c8df734f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da2aa10e91eda2c7998668c1c8df734f_JaffaCakes118
Size

557KB
MD5

da2aa10e91eda2c7998668c1c8df734f
SHA1

230965698ffc79d3e5a644b6c3074449741473ec
SHA256

590668f1736ed74c4549e823353d5870846430963765397facef0b0b85602376
SHA512

0e30b037077482567f816f33a216a1ee8b9be6fd8a1acaf8293d09054b87e8ccf648a19554ae1683c53da6f5b4846fa0048e1782e23991a61d61d843268f15c6
SSDEEP

12288:382L6KGQak92in94Ph8k6oZuc9GOpgFxwDBKYfOUCcxceavydb3:382L6KGQd92inmh16yXIOSwDV1xcvvyl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da2aa10e91eda2c7998668c1c8df734f_JaffaCakes118

Files

da2aa10e91eda2c7998668c1c8df734f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a0d39890547682593c421b842063c72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA

gdi32

EnumFontsA
StartPage
AddFontResourceW
PathToRegion
AbortDoc
CreateEnhMetaFileW
Escape
GetStockObject
GetNearestPaletteIndex
GetTextExtentPoint32A

user32

SetScrollPos
GetClassInfoExA
CloseClipboard
GetForegroundWindow
GetWindowRect
FillRect
SendNotifyMessageW
DrawTextA
WinHelpW
IsClipboardFormatAvailable
SetCursorPos
PostMessageW
RegisterDeviceNotificationA
SetParent
CharToOemW
KillTimer
SetWindowsHookExA
InsertMenuW
UnregisterDeviceNotification
PeekMessageW
RegisterHotKey
PostThreadMessageW
GetDC
UnhookWinEvent
InSendMessage
GetCapture
GetKeyboardState

comctl32

ImageList_SetDragCursorImage

kernel32

GetFileAttributesA
WritePrivateProfileSectionW
SetEvent
FreeLibraryAndExitThread
GetPrivateProfileStringA
GetOEMCP
SetConsoleOutputCP
DosDateTimeToFileTime
FlushConsoleInputBuffer
GetProfileStringA
GetACP
CreateDirectoryW
FreeLibrary
FlushFileBuffers
GetEnvironmentStringsW
ExitProcess
SetConsoleCursorPosition
LocalSize
GetDriveTypeW
VirtualLock
SetupComm
GetSystemDirectoryW
FindFirstFileExW
lstrcmpiA
EnumTimeFormatsW

advapi32

LookupAccountNameA
ChangeServiceConfigW
RegQueryInfoKeyA
GetSecurityDescriptorDacl
GetSecurityInfo
RegNotifyChangeKeyValue
GetUserNameW
DeregisterEventSource
LogonUserW
CreateProcessAsUserA
CryptGetProvParam
AdjustTokenPrivileges
RegSetValueExW

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a0d39890547682593c421b842063c72

Headers

File Characteristics

Imports

version

gdi32

user32

comctl32

kernel32

advapi32

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 266KB - Virtual size: 266KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 266KB - Virtual size: 266KB

.rsrc
Size: 16KB - Virtual size: 16KB