f1063749089485c04afdf0e612ecefd6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f1063749089485c04afdf0e612ecefd6_JaffaCakes118
Size

380KB
MD5

f1063749089485c04afdf0e612ecefd6
SHA1

1aff565fa53fbf071e2d82bd13364dac94d074ab
SHA256

26e3935f9e6a021f70782e8d6a1c4d0d23c218bcfffdb79b3526b746d5a290f6
SHA512

ff06a98ac64430f823063dedc06a40d8e55d152594c92cd2c89f7850dd227dfb05f9d36f2170b1f5274141b4a9fc04a4046b03d637e7bf692cab719f029c1b0a
SSDEEP

6144:jHmzMe3ZKpplTrUFaEnuKlJD2qhiVrBDPi87DxmLX2xq5otuBNukc1ppB3PQ:bGZpgKaEnuylEK877qGcHG4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1063749089485c04afdf0e612ecefd6_JaffaCakes118

Files

f1063749089485c04afdf0e612ecefd6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccd21ed725d89ffd6fb0379481d6394f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
SetConsolePalette
LZCopy
OpenMutexA
MapUserPhysicalPagesScatter
SetTimerQueueTimer
SetThreadPriority
GetNumberOfConsoleFonts
WinExec
OutputDebugStringA
VirtualFreeEx
GetCurrentThreadId
SetEvent
GetStringTypeExW
GetConsoleAliasExesLengthA
GetSystemTimeAsFileTime
CloseConsoleHandle
QueryInformationJobObject
SetConsoleDisplayMode
GetThreadLocale
SetHandleInformation
WriteConsoleOutputA
LZCloseFile
GetCommMask
GetProcessShutdownParameters
GetTickCount
GetProcessAffinityMask
GetTimeFormatA
CreateTimerQueue
WriteProcessMemory
GetDevicePowerState
FindNextVolumeMountPointW
GetVersionExA
GetConsoleTitleA
LZSeek
SetErrorMode
SetFileAttributesA
WaitCommEvent
_lcreat
IsSystemResumeAutomatic
HeapSize
GetAtomNameA
GetProcessHandleCount
GetCommandLineA
SetCurrentDirectoryA
OpenJobObjectA
GetConsoleAliasA
SetConsoleMaximumWindowSize
SetLocaleInfoA
GetCalendarInfoA
GetModuleHandleA
QueueUserWorkItem
Process32First
GetTempPathA
CopyFileExW
GetProfileIntA
SetWaitableTimer
GetPriorityClass
Thread32Next
SetFileShortNameA
MoveFileExA
SetThreadContext
CopyFileA
GetLocaleInfoA
LoadLibraryExW
ReadConsoleInputA
CreateDirectoryA
CreateEventA
GetCurrentProcessId
VerifyVersionInfoA
CancelWaitableTimer
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetFileTime
GetProcessIoCounters
SetThreadLocale
GetConsoleCommandHistoryLengthW
FindNextVolumeA
EnumResourceNamesA
GetEnvironmentVariableA
UnregisterWait
IsBadReadPtr
SetConsoleMenuClose
VirtualAllocEx
SetConsoleHardwareState
GetFullPathNameA
FindVolumeMountPointClose
SetFileShortNameA
CancelWaitableTimer
GetProcessId
VirtualUnlock
UpdateResourceA
SetFileTime
GetEnvironmentStringsA
LZRead
ReplaceFileA
SetEvent
FindFirstChangeNotificationA
GetCurrentProcessId
FindFirstFileA
HeapDestroy
SetHandleInformation
WriteConsoleOutputCharacterA
ChangeTimerQueueTimer
GlobalUnfix
GetVolumePathNameA
GetConsoleAliasesA
SetConsoleNumberOfCommandsA
SetLocalTime
SetCommTimeouts
WriteConsoleInputA
GetStdHandle
GetThreadTimes
GetProfileSectionA
Toolhelp32ReadProcessMemory
UnlockFileEx
HeapFree
HeapCompact
GetPrivateProfileStructA
GetEnvironmentStringsA
TransmitCommChar
GetSystemDirectoryA
LZDone
WritePrivateProfileStructA
GetLocaleInfoA
PrepareTape
GetProcessHeaps
SetDllDirectoryA
FindNextChangeNotification
GetVolumeInformationA
GetDateFormatA
OpenFileMappingA
CallNamedPipeA
PurgeComm
CompareStringA
DeleteFileA
GetOEMCP
GetProcessHeap
SetConsoleCP
GetTapePosition
SystemTimeToTzSpecificLocalTime
IsBadReadPtr
CreateDirectoryExW
GetProcessVersion
SetCommBreak
CancelWaitableTimer
GetCurrentDirectoryA
Thread32First
GetVolumeInformationA
ClearCommBreak
CompareStringA
GetCPInfoExA
RemoveDirectoryA
GetConsoleMode
lstrcpyA
GetVersion
GetFullPathNameA
ReadConsoleOutputAttribute
GetDiskFreeSpaceA
FlushViewOfFile
RequestWakeupLatency
SetConsoleNumberOfCommandsA
GetCurrencyFormatA
LocalFileTimeToFileTime
GetProcessPriorityBoost
ExitProcess
GetFullPathNameA
FlushViewOfFile
ReplaceFile
Thread32First
GetConsoleCommandHistoryA
AllocConsole
OpenWaitableTimerA
SetMailslotInfo
RequestDeviceWakeup
EnumSystemGeoID

user32

SetMenuContextHelpId
CloseDesktop
CharUpperBuffA
CreateSystemThreads
CreateDialogParamA
UnlockWindowStation
CreateIconIndirect
GetSubMenu
GetQueueStatus
ShowWindow
PtInRect
MessageBoxA
IsCharAlphaA
EnumPropsA
RemoveMenu
DlgDirSelectExA
GetProgmanWindow
InvertRect
CallMsgFilterA
DefMDIChildProcA
DlgDirListComboBoxW
OpenDesktopA
GetKeyState
SetProgmanWindow
SetPropA
GetScrollInfo
DrawFrameControl
DefWindowProcA
SendMessageCallbackA
LoadImageA
GetUpdateRect
UnregisterMessagePumpHook
SystemParametersInfoA
PtInRect
DlgDirListComboBoxA
FlashWindowEx
DlgDirSelectComboBoxExA
DestroyAcceleratorTable
SetWindowWord
DialogBoxParamA
GetKeyboardLayoutList
DlgDirSelectExA
ShowCaret
CascadeChildWindows
GetCaretPos
PostThreadMessageA
TabbedTextOutA
OemToCharBuffA
GetWinStationInfo
DestroyCursor
MapVirtualKeyA
IsCharLowerA
SetScrollPos
RegisterClipboardFormatA
GetListBoxInfo
SetDlgItemTextA
SetInternalWindowPos
EditWndProc
GetQueueStatus
GrayStringA
SetWindowPlacement
CreateWindowStationA
DeleteMenu
AdjustWindowRect
CascadeChildWindows
DrawIcon
CallNextHookEx
GetAncestor
ModifyMenuA
GetRawInputDeviceList
SetThreadDesktop
IsWindowEnabled
DestroyWindow
IsRectEmpty
CheckRadioButton
GetWindowTextA
ReplyMessage
SetWindowLongA
SetCursor
GetClassInfoA
SetCursorContents
GetShellWindow
SetCaretPos
BroadcastSystemMessageExW
CreateMenu

advapi32

DuplicateToken

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 184KB - Virtual size: 427KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccd21ed725d89ffd6fb0379481d6394f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.itext Size: - Virtual size: 2KB

.text Size: 184KB - Virtual size: 427KB

.idata Size: 92KB - Virtual size: 89KB

.rsrc Size: 100KB - Virtual size: 96KB

.itext
Size: - Virtual size: 2KB

.text
Size: 184KB - Virtual size: 427KB

.idata
Size: 92KB - Virtual size: 89KB

.rsrc
Size: 100KB - Virtual size: 96KB