2a44d2d72fd1c5ba84f6c47535a73c3d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a44d2d72fd1c5ba84f6c47535a73c3d_JaffaCakes118
Size

18KB
MD5

2a44d2d72fd1c5ba84f6c47535a73c3d
SHA1

bd4ba162ae69976db38f41b30600d157788c12a1
SHA256

c513cce3cfba106221bdff98acaf8ccdb20c128444dc32dd3dc9bf6a1d6f409b
SHA512

bc7287a244d9610ea149bd7b86787e12504b96d89a100603ac78a3ee43224368d07a29b88f7e9e23d9f8550cfbc0e34df2ad1a55c8b4622a3547360e687772d7
SSDEEP

384:vSiRqG+jTrkiDjo30mRi9CzSv+WuIfohjO74M4LbsiS6g/XuLm26:APrkp3IUzSmWu4GLI68XuLx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a44d2d72fd1c5ba84f6c47535a73c3d_JaffaCakes118

Files

2a44d2d72fd1c5ba84f6c47535a73c3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ae3cf69bef5634d498a24c9ec3f316f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LIBID_Accessibility
GetStateTextA
AccessibleObjectFromEvent
DllUnregisterServer
WindowFromAccessibleObject
CreateStdAccessibleObject
IID_IAccessibleHandler
GetOleaccVersionInfo
LresultFromObject
AccessibleObjectFromWindow
IID_IAccessible
CreateStdAccessibleProxyA
DllCanUnloadNow
GetRoleTextA
AccessibleObjectFromPoint
AccessibleChildren
ObjectFromLresult
DllGetClassObject
CreateStdAccessibleProxyW
GetStateTextW
GetRoleTextW

advapi32

AllocateAndInitializeSid
RegQueryInfoKeyW
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueW
CloseServiceHandle
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExA
InitializeSecurityDescriptor
RegDeleteValueW
GetTokenInformation
RegSetValueExA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegQueryValueExW
RegDeleteValueA
RegSetValueExW
OpenThreadToken
RegOpenKeyExW
RegEnumKeyExW
FreeSid
RegDeleteKeyA

dnsapi

Dns_RecvTcp

olecli32

DibDraw
LeCopy
OleSetBounds
DibChangeData
LeQueryOpen
OleEnumFormats
OleCreateLinkFromClip
MfDraw
OleRenameClientDoc
ErrSetUpdateOptions
ErrSetData
PbCreateFromClip
OleUnlockServer
MfClone
ErrReconnect

kernel32

VirtualAlloc
WriteConsoleW
VirtualFree
FindNextFileA
CreateMutexA
CopyFileW
ExpandEnvironmentStringsA
GetTempPathA
RemoveDirectoryW
GetExitCodeProcess
CreateMutexW
SetThreadPriority
FileTimeToLocalFileTime
GetComputerNameW
GetFullPathNameW
OpenProcess
LoadLibraryExA
ReleaseSemaphore
CreateDirectoryA

gdi32

MoveToEx
LineTo
CreateDIBitmap
GetStockObject
CreateFontIndirectA
BitBlt
ExtTextOutA
GetSystemPaletteEntries
GetTextMetricsA
SetBkColor
SelectClipRgn
CreatePalette
CreateSolidBrush
DeleteObject
GetTextExtentPointA
SelectObject
SaveDC
GetDeviceCaps
UnrealizeObject
RestoreDC
RealizePalette
SelectPalette
CreateRectRgn
CreatePen
SetTextColor
DeleteDC

Sections

.textbss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 557B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ae3cf69bef5634d498a24c9ec3f316f

Headers

File Characteristics

Imports

oleacc

advapi32

dnsapi

olecli32

kernel32

gdi32

Sections

.textbss Size: - Virtual size: 8KB

.data Size: 1024B - Virtual size: 808B

.rsrc Size: 8KB - Virtual size: 8KB

.idata Size: 6KB - Virtual size: 5KB

.debug Size: 1024B - Virtual size: 646B

.text Size: 1024B - Virtual size: 557B

.textbss
Size: - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 808B

.rsrc
Size: 8KB - Virtual size: 8KB

.idata
Size: 6KB - Virtual size: 5KB

.debug
Size: 1024B - Virtual size: 646B

.text
Size: 1024B - Virtual size: 557B