3030e587e1e5f7f50339738a2dfb11f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3030e587e1e5f7f50339738a2dfb11f6_JaffaCakes118
Size

156KB
MD5

3030e587e1e5f7f50339738a2dfb11f6
SHA1

89007ed3beea0c5179d8acfe2743906f0dcc71c4
SHA256

7286b9adf3182fbf5403442fcfb49750df8e33e3162274d539d67484fa04ec2e
SHA512

9662957484d72d2123358f3ae0ffd1a7575449a03658803769a4b7a1ba42d8ce7adbfa01623f16517bef44ab8a85c9dcb4d15760fe844ae43d80ebb1bf034965
SSDEEP

3072:NpDhqFTLtKaKh4wzSa6M4zA2qpEyH7cDGNG5n/nnnnnnnnnnnnnnn3zS//w:NpDhqFTLsaHwzl6Mwq2WG5/nnnnnnnnn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3030e587e1e5f7f50339738a2dfb11f6_JaffaCakes118

Files

3030e587e1e5f7f50339738a2dfb11f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e562a11d327c2d617b570fbb2a1a76be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

QueryServiceConfigA
LsaNtStatusToWinError
RegRestoreKeyA
CloseEventLog
RegFlushKey
LsaOpenPolicy
OpenServiceW
AbortSystemShutdownA
QueryServiceStatus
AccessCheck
RegDeleteValueW
IsTextUnicode
PrivilegeCheck
RegNotifyChangeKeyValue
StartServiceW
RegDeleteValueA
LsaClose
RegSetValueW
ReportEventA
RegisterServiceCtrlHandlerA
OpenSCManagerW
DeleteService
LockServiceDatabase
RegDeleteKeyW
OpenSCManagerA
SetServiceStatus
RegSaveKeyA
EqualSid
RegisterEventSourceW
LsaRetrievePrivateData
DeregisterEventSource
ChangeServiceConfigW
RegSetValueExA
QueryServiceConfigW
CloseServiceHandle
OpenEventLogW

user32

DestroyCursor
SendDlgItemMessageA
GetScrollPos
DdeGetLastError
GetDlgItem
CopyAcceleratorTableA
mouse_event
LoadImageA
EqualRect
GetMenuCheckMarkDimensions
GetMessagePos
RemoveMenu
LoadMenuIndirectA
OemToCharA
IsRectEmpty
IsCharAlphaW
IsMenu
LoadIconA
ToAsciiEx
OffsetRect
LoadKeyboardLayoutA
SetForegroundWindow
GetMenuStringA
SetTimer
SetCursor
GetClassNameW
BeginPaint
CharPrevA
UpdateWindow
RegisterHotKey
SetRectEmpty
CreateAcceleratorTableA
MessageBoxA
WaitForInputIdle
CallWindowProcA
LoadBitmapW
IsChild
UnionRect
GetKeyboardLayout
SetWindowLongW
GetUserObjectInformationW
PtInRect
LoadIconW
SetDlgItemInt
EnumWindows
DrawMenuBar
SetPropA
GetWindowPlacement
SetWindowPos
IsDialogMessageW
SubtractRect
ReleaseCapture
GetClipboardFormatNameA
CharUpperBuffA
CreateAcceleratorTableW
ReleaseDC
CreateDialogIndirectParamW
ExitWindowsEx
GetCursorPos
SetMenuItemBitmaps
GetKeyNameTextA
SetWindowsHookExW
TranslateMDISysAccel
ChangeClipboardChain
TranslateMessage
GetProcessWindowStation
FindWindowW
CharLowerBuffW
RegisterClassW
GetClipboardData
GetPropW
FrameRect
GetMessageTime
DeleteMenu
CheckRadioButton
GetClassInfoExW
SetPropW
EndDialog
CreateIcon
GetCaretBlinkTime
DialogBoxParamW
CloseWindow
DdeFreeStringHandle
SetWindowPlacement
GetDC
SetDlgItemTextA
GetMessageA
CharNextA
GetWindowLongA
EnumDisplaySettingsW
EnumChildWindows
DdeQueryConvInfo
SetWindowTextW
DeferWindowPos
SendNotifyMessageA
SetMenuDefaultItem
DdeConnect
VkKeyScanW
GetClassLongA
RegisterClassExA
DdeCreateStringHandleW
SendDlgItemMessageW
SetCaretPos
DrawTextExW
DrawIcon
SetClassLongW
SetScrollRange
SetClassLongA
BeginDeferWindowPos
CharLowerW
DialogBoxParamA
IsClipboardFormatAvailable
GetWindowTextA
GetPropA
GetParent
CharLowerBuffA
DestroyCaret
GetQueueStatus
IsDlgButtonChecked
SetParent
ToAscii
SetClipboardViewer
WinHelpA
SetWindowsHookExA
InflateRect
MapVirtualKeyA
MessageBoxIndirectA
GetMessageW
MessageBeep
PostThreadMessageA
GetDialogBaseUnits
UnregisterHotKey
OpenWindowStationW
GetSystemMenu
ScreenToClient

kernel32

GetModuleHandleA
CreateNamedPipeA
GlobalLock
GetStartupInfoA

msvcrt

_controlfp
_strdup
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_putw

imagehlp

SymLoadModule
SymCleanup
GetTimestampForLoadedLibrary
EnumerateLoadedModules

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e562a11d327c2d617b570fbb2a1a76be

Headers

File Characteristics

Imports

advapi32

user32

kernel32

msvcrt

imagehlp

version

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 52KB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 52KB

.rsrc
Size: 32KB - Virtual size: 28KB