Static task: static1
Behavioral task: behavioral1
Sample: 1542f518be42dafcee1200e0869ff65c_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 1542f518be42dafcee1200e0869ff65c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 1542f518be42dafcee1200e0869ff65c_JaffaCakes118
Size: 60KB
MD5: 1542f518be42dafcee1200e0869ff65c
SHA1: 6934a7e7e55f61380f50bc6b87897172aa505559
SHA256: de34a0d31bb1537147ea68b277c50a21715392e45737a97c8b26603a387c1131
SHA512: bf6b5845c09e8dbaab2d61dce4bd0bddb131c7e1e8e2018760d43c0a35519b1c760d5f5e43ec089f847cdcb326e12b8d60d581b67a84dcc10a70eaa88f6ef90c
SSDEEP: 1536:Ee5u+DUvlMtkW6fjFl3UPVlgHxGoHPhHzrDv:EQuWUvpbFlEPqGoHPhHzrDv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1542f518be42dafcee1200e0869ff65c_JaffaCakes118
Files
1542f518be42dafcee1200e0869ff65c_JaffaCakes118.exe windows:4 windows x86 arch:x86
6fc65cb2d3b622f47bb1f6f6b805f5c6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
WinHelpA
EnumPropsExA
RemovePropA
SetSysColors
LoadIconA
GetSystemMenu
UpdateWindow
GetScrollBarInfo
DrawTextExA
GetWindowRect
ShowCursor
DrawMenuBar
LoadMenuIndirectA
PostQuitMessage
ScrollDC
DefMDIChildProcA
CascadeWindows
GetMenuItemCount
CharToOemBuffA
GetNextDlgTabItem
DestroyMenu
ArrangeIconicWindows
SetDebugErrorLevel
InsertMenuItemA
SetKeyboardState
RegisterDeviceNotificationA
GetComboBoxInfo
LoadAcceleratorsA
UnhookWinEvent
SendIMEMessageExA
GetAsyncKeyState
SetScrollInfo
CreateIconIndirect
DdeClientTransaction
DrawFrame
CharNextExA
GetMessagePos
SendMessageTimeoutA
GetWindowWord
CloseDesktop
CopyIcon
IsWindowUnicode
SetClipboardData
RegisterWindowMessageA
ChangeMenuA
OpenDesktopA
DispatchMessageA
SetProcessWindowStation
CreateWindowExA
CheckMenuItem
LookupIconIdFromDirectory
MapVirtualKeyExA
advapi32
CopySid
DeregisterEventSource
EnumDependentServicesA
GetNumberOfEventLogRecords
BackupEventLogA
RegFlushKey
CryptHashSessionKey
SetEntriesInAuditListA
OpenEventLogA
RegUnLoadKeyA
GetServiceDisplayNameA
ObjectDeleteAuditAlarmA
RegDeleteValueA
PrivilegeCheck
AddAce
CryptGenKey
CryptGetKeyParam
ControlService
SetServiceStatus
AccessCheck
GetMultipleTrusteeA
CryptSignHashA
GetExplicitEntriesFromAclA
RegOpenKeyA
GetSecurityDescriptorControl
RevertToSelf
GetSidSubAuthority
BuildSecurityDescriptorA
ChangeServiceConfigA
IsTextUnicode
FindFirstFreeAce
AllocateAndInitializeSid
CryptContextAddRef
GetSecurityDescriptorOwner
CryptDestroyHash
GetTrusteeTypeA
QueryServiceObjectSecurity
CryptEncrypt
shlwapi
UrlGetLocationA
Sections
.mxq Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tqtcr Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.utmpu Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gdux Size: 27KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ