Static task: static1
Behavioral task: behavioral1
Sample: fda0eaca3b11dd1643384a64a9d7d4b9_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fda0eaca3b11dd1643384a64a9d7d4b9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fda0eaca3b11dd1643384a64a9d7d4b9_JaffaCakes118
Size: 858KB
MD5: fda0eaca3b11dd1643384a64a9d7d4b9
SHA1: 9632446965493f5f025feba9dfbef52c98ead9ca
SHA256: 080890589668ad5efaca5fc245f6efbc44c9c5c2aea7046360dcd43e18244839
SHA512: d23ceb36b962743f75ef28a230886b71917c00da312022fc87efddee864713584c466772618e805bd88cce599c59e0f0101c359bf1cc229da54412bdfca66f58
SSDEEP: 24576:LM1qd0G7Xvl4pU9yU7uSqxkbzWqJ6AQ97:Q1i0AXvl4pUdXq6Q
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fda0eaca3b11dd1643384a64a9d7d4b9_JaffaCakes118
Files
fda0eaca3b11dd1643384a64a9d7d4b9_JaffaCakes118.exe windows:4 windows x86 arch:x86
64ec68e2fa5cb7da41b555d4a9bf26cd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GrayStringA
GetClipboardSequenceNumber
DdeEnableCallback
DestroyAcceleratorTable
CreateAcceleratorTableA
GetClipboardFormatNameA
GetQueueStatus
IsWindowEnabled
OpenInputDesktop
GetClassInfoA
DlgDirListComboBoxA
CallWindowProcA
GetMenuInfo
CreateCursor
BroadcastSystemMessageA
HideCaret
PostQuitMessage
BeginPaint
GetDialogBaseUnits
GetClipboardOwner
GetUserObjectInformationA
SetWindowLongA
CreateIconIndirect
CharToOemBuffA
SetWindowPos
SetClassLongA
SetMenuContextHelpId
CallNextHookEx
DrawTextExA
GetDC
CloseDesktop
RegisterClassA
SetWindowRgn
BroadcastSystemMessage
GetKeyboardState
OpenIcon
CountClipboardFormats
GetSystemMetrics
TileChildWindows
CascadeWindows
CopyImage
LoadCursorFromFileA
PaintDesktop
FlashWindow
DrawTextA
CharPrevA
LoadAcceleratorsA
GetPropA
advapi32
CryptDestroyHash
RegQueryValueA
RegCreateKeyExA
RegSaveKeyA
EqualPrefixSid
CryptSignHashA
SetEntriesInAccessListA
GetSidLengthRequired
BackupEventLogA
GetAclInformation
GetSecurityDescriptorControl
DeleteAce
GetServiceKeyNameA
GetTokenInformation
GetMultipleTrusteeOperationA
GetSidSubAuthorityCount
CloseEventLog
RegSetValueExA
BuildTrusteeWithNameA
ImpersonateSelf
GetOldestEventLogRecord
FindFirstFreeAce
CryptEnumProvidersA
QueryServiceObjectSecurity
CryptVerifySignatureA
RegisterEventSourceA
AccessCheckAndAuditAlarmA
CryptSetKeyParam
OpenSCManagerA
ObjectOpenAuditAlarmA
InitializeSid
AddAce
DuplicateTokenEx
GetNumberOfEventLogRecords
ObjectDeleteAuditAlarmA
CryptHashSessionKey
CryptExportKey
RegCreateKeyA
GetOverlappedAccessResults
InitializeAcl
GetNamedSecurityInfoA
SetFileSecurityA
kernel32
CreateSocketHandle
Sections
.orizev Size: 635KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cpcdyd Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bmxyt Size: 19KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xsxqr Size: 512B - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.alqb Size: 6KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.zepmv Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.zqbkz Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.kdix Size: 48KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.wdaxqn Size: 124KB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ