db981a5f35cea5a5a406ff78386012ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db981a5f35cea5a5a406ff78386012ba_JaffaCakes118
Size

52KB
MD5

db981a5f35cea5a5a406ff78386012ba
SHA1

3bb88740fa2b19580b70440041b47738ca5899a0
SHA256

a43dddd3adc93316222a1e6a9b34c1392132a42c1eab14ec2f5d0db06671f17c
SHA512

119846df2f3df7569c8f80e4cbc5b889f86e81a686f47d83049a157890c70df282caa3e53581a5b5856d2a7890b61bb243166a063ac3572a5a6f53dd1765ec6b
SSDEEP

1536:imvrnfOfaaLjwPeQyRNzCQM+KlPBK/9zOfBENNELY:HjWNkWQyRNWQ6P0/9qfYE8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db981a5f35cea5a5a406ff78386012ba_JaffaCakes118

Files

db981a5f35cea5a5a406ff78386012ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c4c7af5ae4ca91e4e0ef11c902b1a45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenInfFileA
SetupInstallFromInfSectionA
SetupInstallServicesFromInfSectionA

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

kernel32

WaitForSingleObject
RemoveDirectoryA
GetCurrentDirectoryA
GetWindowsDirectoryA
SetEvent
OpenEventA
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
RaiseException
InitializeCriticalSection
GetVersion
lstrcmpiA
lstrlenW
lstrcmpiW
lstrlenA
GetEnvironmentVariableA
GetEnvironmentVariableW
GetCurrentProcess
GetCurrentThread
GetTickCount
GetSystemDirectoryA
LoadResource
CreateMutexA
LoadLibraryW
LocalFree
GetLocalTime
GetCurrentProcessId
GetCurrentThreadId
GetLocaleInfoW
IsValidCodePage
IsValidLocale
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
IsBadCodePtr
IsBadReadPtr
Sleep
LoadLibraryA
FreeLibrary
GetLastError
GetModuleHandleA
GetModuleFileNameA
IsBadWritePtr
SetUnhandledExceptionFilter
GetStartupInfoA
GetTempPathA
GetProcessHeap
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
ExitProcess
GetFileAttributesA
GetSystemInfo
GetOEMCP
GetCPInfo
TlsAlloc
QueryPerformanceCounter
FatalAppExitA
HeapCreate
lstrcmpA
GetProcAddress

user32

FindWindowA
wsprintfA
PostMessageA
GetSystemMetrics
MessageBoxA
UnregisterClassA
CharUpperW
CharUpperA
CharLowerW
CharLowerA
RegisterWindowMessageA

advapi32

RegFlushKey
RegCreateKeyExA
ImpersonateSelf
RevertToSelf
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
StartServiceA
ControlService
DeleteService
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueExA
OpenSCManagerA
CloseServiceHandle
OpenServiceA
QueryServiceStatus
RegQueryInfoKeyA

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

serialui

drvCommConfigDialogA
drvGetDefaultCommConfigW
drvCommConfigDialogW
drvSetDefaultCommConfigA
drvSetDefaultCommConfigW
drvGetDefaultCommConfigA

kbdlt1

KbdLayerDescriptor

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UsuNF
Size: 1024B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pUXjU
Size: 5KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hVkpe
Size: 8KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yIAWaW
Size: 2KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kswLe
Size: 8KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c4c7af5ae4ca91e4e0ef11c902b1a45

Headers

File Characteristics

Imports

setupapi

psapi

kernel32

user32

advapi32

shell32

ole32

serialui

kbdlt1

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 16KB

.UsuNF Size: 1024B - Virtual size: 37KB

.pUXjU Size: 5KB - Virtual size: 81KB

.hVkpe Size: 8KB - Virtual size: 101KB

.yIAWaW Size: 2KB - Virtual size: 47KB

.data Size: 6KB - Virtual size: 50KB

.kswLe Size: 8KB - Virtual size: 100KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 16KB

.UsuNF
Size: 1024B - Virtual size: 37KB

.pUXjU
Size: 5KB - Virtual size: 81KB

.hVkpe
Size: 8KB - Virtual size: 101KB

.yIAWaW
Size: 2KB - Virtual size: 47KB

.data
Size: 6KB - Virtual size: 50KB

.kswLe
Size: 8KB - Virtual size: 100KB

.rsrc
Size: 2KB - Virtual size: 1KB