ece5f48967238c6d1ad4a6c931431478_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ece5f48967238c6d1ad4a6c931431478_JaffaCakes118
Size

292KB
MD5

ece5f48967238c6d1ad4a6c931431478
SHA1

972dff02945c99a9e7d4a05aa0d8beb57842e0dc
SHA256

8f71a654675b8cc2ebbf3c67d0b1df5ba738ece8ad57a3b692b4024ef0a4ae93
SHA512

44880a56bb11f07be53c3010ad354d1f9bc6a52b98ff943bfa8707dfd80534484f9e9c2a18254fb130905e8bd1ef6b1a9d0e6fed1e57305435894946c6efcad2
SSDEEP

6144:RfYsTifjeXRg6TxsdcGN3xNrH7N25izZd49skYeabMWPuV1BdO:F3qehpTOue3P7wUd45OsO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ece5f48967238c6d1ad4a6c931431478_JaffaCakes118

Files

ece5f48967238c6d1ad4a6c931431478_JaffaCakes118
.exe windows:4 windows x86 arch:x86

021765bf7a558ced18d798ed74f7ac2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

FindExecutableW

advapi32

CryptGetHashParam
SetSecurityDescriptorOwner
StartServiceCtrlDispatcherA
GetSecurityDescriptorDacl
RegQueryInfoKeyA
CryptAcquireContextA
CryptDestroyHash
SetFileSecurityA
LookupAccountSidA
FreeSid
RegOpenKeyExA
AddAce
CryptImportKey
BuildSecurityDescriptorW
SetThreadToken
AccessCheckAndAuditAlarmA
GetFileSecurityA
RegNotifyChangeKeyValue
GetSecurityDescriptorControl
InitiateSystemShutdownW
CryptGetKeyParam
RegEnumKeyExW
AllocateLocallyUniqueId
RegUnLoadKeyW

comdlg32

GetSaveFileNameA
GetOpenFileNameW

gdi32

CloseEnhMetaFile
GetClipBox
GetGlyphOutlineW
GetCharacterPlacementA
CreatePolygonRgn
FrameRgn
EnumFontsW
UpdateColors
CreateDIBSection
Arc
RectVisible
SetPixel
CreateCompatibleDC

oleaut32

SafeArrayUnaccessData
SysStringLen
VariantChangeType
SafeArrayGetElement
QueryPathOfRegTypeLi
SafeArrayGetLBound
LoadTypeLibEx
SysAllocStringLen
SetErrorInfo
SafeArrayPutElement
VariantCopy
SafeArrayRedim

kernel32

GetTickCount
EnumSystemCodePagesW
FreeResource
SetCommMask
GetTempPathW
GlobalAddAtomW
GetCurrentProcessId
EnumCalendarInfoW
CloseHandle
IsBadStringPtrA
EraseTape
GetEnvironmentVariableW
VirtualAlloc
lstrlenA
DeleteCriticalSection
AreFileApisANSI
CancelIo
GetBinaryTypeW
ReadConsoleInputW
LoadLibraryExA
VirtualFree
GetEnvironmentStringsW
SearchPathW
LeaveCriticalSection
GetLargestConsoleWindowSize
GetCurrentDirectoryW
GetVersion
GetStartupInfoA
SetEnvironmentVariableW
FormatMessageA
SetThreadLocale
CreateMutexA
FindResourceExA
GetTimeZoneInformation
SetEnvironmentVariableA
ExitThread
SetConsoleCursorPosition
WriteProcessMemory
GetFileAttributesExA
GetSystemDirectoryW
SetStdHandle
FindNextChangeNotification
SetEndOfFile
GetNumberFormatW
FindCloseChangeNotification
SetFileTime
LocalReAlloc
VirtualAllocEx
QueryDosDeviceA
WritePrivateProfileSectionA
GetProfileIntA
EnumDateFormatsW
IsDBCSLeadByteEx
ReadDirectoryChangesW
GetCPInfo
GetCommModemStatus
GetModuleHandleA
GetAtomNameA
SetMailslotInfo
SetConsoleTitleA
VirtualLock
LocalAlloc
ExitProcess
CreateMutexW
WritePrivateProfileStructA
FormatMessageW
GetTempFileNameA
lstrcatW
GetHandleInformation
GetWindowsDirectoryA
SetEvent
lstrcpyA
GetPrivateProfileSectionW

ws2_32

htons
WSAEnumProtocolsA
sendto
bind
WSAStartup

ole32

StgCreateStorageEx
CoUninitialize
CoGetClassObject
CoGetInterfaceAndReleaseStream
CreateOleAdviseHolder
OleRegGetUserType

comctl32

_TrackMouseEvent
CreateStatusWindowW
PropertySheetW
ImageList_LoadImageW

user32

EndMenu
OpenInputDesktop
GetCaretPos
AppendMenuA
GetCaretBlinkTime
GrayStringW
SetMenuDefaultItem
MapVirtualKeyW
GetLastActivePopup
GetKeyboardState
RegisterWindowMessageW
GetClassLongA
LoadCursorFromFileW
GetUserObjectInformationA
DestroyWindow
ValidateRgn
InflateRect
DrawFrameControl
DrawIconEx
MessageBoxA
GetScrollRange

msvcrt

__getmainargs
_write
vsprintf
wcslen
__p__environ
_wfopen
atoi
_stricoll
fwscanf
realloc
_strncoll
_c_exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
vwprintf
_acmdln
strftime
exit
_XcptFilter
_exit
_mbsnbcnt
_makepath

Sections

.text
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

021765bf7a558ced18d798ed74f7ac2a

Headers

File Characteristics

Imports

shell32

advapi32

comdlg32

gdi32

oleaut32

kernel32

ws2_32

ole32

comctl32

user32

msvcrt

Sections

.text Size: 198KB - Virtual size: 197KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 88KB - Virtual size: 87KB

.text
Size: 198KB - Virtual size: 197KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 88KB - Virtual size: 87KB