Static task: static1
Behavioral task: behavioral1
Sample: fee030974b347ab3c435e7f4b9482420_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fee030974b347ab3c435e7f4b9482420_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fee030974b347ab3c435e7f4b9482420_JaffaCakes118
Size: 59KB
MD5: fee030974b347ab3c435e7f4b9482420
SHA1: 267ca1f6ba98ae9ec35d56e451b91d5b8197d108
SHA256: 9077a518a4460b8191ac3471f60bc479f97fcda7c3c70f091075e91a25eeb101
SHA512: 5d1e1b60dae878952a67a11302285ec7d95203e186b8b3a1754d798d4a4a92285ef2352e0dce41a9ec41b56a7f6a321d5754e12002c5ac8da7cd4b24a18ed83e
SSDEEP: 1536:S/YJPqTlqWYf1/vgNBsqVGLWE1SF78P2RkUVRpOmD+:56q1NoMGYAhVRpOmD+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fee030974b347ab3c435e7f4b9482420_JaffaCakes118
Files
fee030974b347ab3c435e7f4b9482420_JaffaCakes118.exe windows:4 windows x86 arch:x86
8ed73bd6af86d20679649bc0d5b47cfe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
MonitorFromPoint
DrawFrame
GetScrollBarInfo
CharToOemBuffA
DdeNameService
UpdateWindow
IsCharLowerA
DrawTextExA
GetAsyncKeyState
ShowCursor
GetKeyboardLayoutList
RegisterDeviceNotificationA
CascadeWindows
ToUnicodeEx
ScrollDC
GetMessagePos
InsertMenuItemA
CreateDialogParamA
DrawMenuBar
DlgDirSelectExA
DdeCreateDataHandle
GetDlgCtrlID
DdeGetLastError
SetProcessWindowStation
IsWindowUnicode
FindWindowExA
CreateWindowExA
RemovePropA
ArrangeIconicWindows
CopyIcon
DestroyAcceleratorTable
GetTopWindow
ShowWindowAsync
OpenDesktopA
TileWindows
ExcludeUpdateRgn
MessageBoxA
DrawCaption
DestroyMenu
GetNextDlgTabItem
wvsprintfA
EndMenu
GetClipboardFormatNameA
GetIconInfo
GetProcessDefaultLayout
EnumClipboardFormats
SetDebugErrorLevel
PostQuitMessage
DispatchMessageA
IMPGetIMEA
FreeDDElParam
UnpackDDElParam
SetKeyboardState
GetMenuState
advapi32
BuildSecurityDescriptorA
RevertToSelf
ControlService
RegSaveKeyA
AccessCheck
IsTextUnicode
GetSidSubAuthority
BackupEventLogA
CryptGetKeyParam
CryptHashSessionKey
RegQueryValueA
RegUnLoadKeyA
GetNumberOfEventLogRecords
GetTrusteeTypeA
CryptContextAddRef
QueryServiceObjectSecurity
CryptSetKeyParam
CryptSignHashA
PrivilegeCheck
AddAce
ChangeServiceConfigA
RegConnectRegistryA
RegDeleteValueA
GetMultipleTrusteeA
ObjectDeleteAuditAlarmA
GetExplicitEntriesFromAclA
InitializeAcl
RegOpenKeyA
AllocateAndInitializeSid
SetEntriesInAuditListA
CopySid
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
GetServiceDisplayNameA
GetAclInformation
CryptEncrypt
shlwapi
HashData
Sections
.whkbm Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.upk Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rars Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.exc Size: 27KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ