Static task
static1
Behavioral task
behavioral1
Sample
14878f90f02a4256b5f68f3ed8f4c7c1_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
14878f90f02a4256b5f68f3ed8f4c7c1_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
14878f90f02a4256b5f68f3ed8f4c7c1_JaffaCakes118
Size
952KB
MD5
14878f90f02a4256b5f68f3ed8f4c7c1
SHA1
782c4b0e6ec6087e3063bb1bae341afa261ff7eb
SHA256
0997ba181e732ad39c9c0a6f2300527f9c6c2b3c1221ae87e43924b6a3f1828f
SHA512
8862a30c61052b00f4d20b366d811400edfb282ff0df8a83254099e5faa7d17e5828af92cec05433f04f595d9964416b39024d0c1722688332e56020bb6b3119
SSDEEP
24576:NgjSq5zFUsnnc7NboRPN5biBHSUTTwBoYuQsO3peVM:Ngj5zF7nMG3biBHSgYgQpeV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14878f90f02a4256b5f68f3ed8f4c7c1_JaffaCakes118
Files
14878f90f02a4256b5f68f3ed8f4c7c1_JaffaCakes118.exe windows:5 windows x86 arch:x86
32ac5fbe277c6296f74c3ca86347fe0f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CopySid
AllocateAndInitializeSid
FreeSid
RegDeleteValueA
RegCreateKeyExA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSid
InitializeSecurityDescriptor
EqualSid
AddAccessAllowedAce
InitializeAcl
GetAclInformation
AddAce
LookupAccountNameA
OpenProcessToken
GetTokenInformation
GetLengthSid
RegQueryValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
GetSecurityDescriptorLength
MakeSelfRelativeSD
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegEnumValueA
GetAce
LookupAccountSidA
MapGenericMask
GetSecurityDescriptorDacl
GetExplicitEntriesFromAclA
SetEntriesInAclA
MakeAbsoluteSD
SetSecurityDescriptorDacl
RegQueryInfoKeyA
shlwapi
wnsprintfA
ole32
CreateBindCtx
MkParseDisplayName
StringFromCLSID
CoTaskMemFree
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries
winmm
midiInGetID
midiConnect
midiDisconnect
msvcrt
_itoa
exit
_stricmp
wcstombs
isxdigit
toupper
isdigit
isspace
_c_exit
_exit
_XcptFilter
_cexit
_acmdln
strtol
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
malloc
free
__CxxFrameHandler
strrchr
__dllonexit
_onexit
strtok
atoi
_strnicmp
__getmainargs
_controlfp
?terminate@@YAXXZ
mbstowcs
_setmbcp
user32
MessageBoxA
EmptyClipboard
SetClipboardData
CloseClipboard
GetMessagePos
LoadBitmapA
OpenClipboard
GetFocus
LoadMenuA
GetSubMenu
EnableMenuItem
SetActiveWindow
UpdateWindow
RedrawWindow
LoadCursorA
SetCursor
SendMessageA
EnableWindow
ScreenToClient
GetWindowRect
wsprintfA
LoadIconA
DeleteMenu
comctl32
ImageList_AddMasked
kernel32
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
FormatMessageA
GetCurrentProcess
CloseHandle
InterlockedDecrement
InterlockedIncrement
LocalFree
LocalAlloc
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetUserDefaultLCID
LoadLibraryExA
TerminateProcess
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SuspendThread
ResumeThread
WinExec
GetLastError
lstrcmpiA
lstrcmpA
GetVersionExA
lstrlenA
GetModuleFileNameA
lstrcpyA
lstrcatA
lstrlenW
LoadLibraryA
GetProcAddress
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
GetStartupInfoA
GetTickCount
gdi32
DeleteObject
shell32
ExtractIconA
DragFinish
DragQueryFileA
ShellAboutA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: 481KB - Virtual size: 481KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 429KB - Virtual size: 428KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 36KB - Virtual size: 3.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ