Static task: static1
Behavioral task: behavioral1
Sample: ff283844559c643e3d3e238e84f61b8a_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ff283844559c643e3d3e238e84f61b8a_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: ff283844559c643e3d3e238e84f61b8a_JaffaCakes118
Size: 2.1MB
MD5: ff283844559c643e3d3e238e84f61b8a
SHA1: c7933baf0f0e8909530627f7043fc4c1fe274317
SHA256: d48a2a6b5f1e1db5192572f5bb457a35d66f221ff5aad008b9bedc4595fea902
SHA512: 4f708c968f5ff844a156f690395b43d70fee7a1f15c335e8f06267d25cb7d62b0f3f92dce060f6aa7c9b498b485cc1514397c31e2d0a6491c46374c489a02285
SSDEEP: 49152:uKyNWBi7nIgsJc/HPpnACS9DxNy1975qG:u5wgkOu/y1Xz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ff283844559c643e3d3e238e84f61b8a_JaffaCakes118
Files
ff283844559c643e3d3e238e84f61b8a_JaffaCakes118.exe windows:4 windows x86 arch:x86
bddd210289641322df5f84e78d3e3bb9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OutputDebugStringW
FlushFileBuffers
ReadConsoleOutputA
VirtualAlloc
SetProcessShutdownParameters
VirtualProtect
ReleaseSemaphore
SetSystemTime
CopyFileExW
GlobalFindAtomW
SearchPathW
SetCurrentDirectoryA
GetCPInfo
GetEnvironmentStringsW
SetMailslotInfo
WritePrivateProfileStringA
EnumDateFormatsW
SetThreadPriorityBoost
LCMapStringA
FormatMessageA
GetCurrentDirectoryW
_hread
WriteProcessMemory
WaitNamedPipeA
EnumResourceNamesA
DeleteFiber
GetVolumeInformationW
CreateFileW
PrepareTape
CreateProcessA
VirtualFree
SetConsoleMode
SetLastError
SetProcessAffinityMask
SetConsoleCursorPosition
ScrollConsoleScreenBufferA
VirtualQuery
GetLogicalDriveStringsA
GetCurrentProcessId
Beep
GetThreadPriority
GlobalAddAtomA
SetConsoleActiveScreenBuffer
PeekNamedPipe
ReadFile
lstrcmpiA
MultiByteToWideChar
SetCommTimeouts
GetUserDefaultLCID
GetCommState
SystemTimeToFileTime
SetCommMask
GetLongPathNameA
FillConsoleOutputCharacterA
GetFileInformationByHandle
TryEnterCriticalSection
FindFirstFileW
SetThreadAffinityMask
lstrcmpiW
OpenMutexA
WritePrivateProfileSectionA
RaiseException
FindResourceExW
GetSystemInfo
CancelIo
GetDriveTypeW
WritePrivateProfileSectionW
CreateMutexW
LocalFileTimeToFileTime
GlobalDeleteAtom
GetTempFileNameA
GetDiskFreeSpaceW
EnumSystemCodePagesW
SetConsoleOutputCP
EndUpdateResourceA
IsValidLocale
GetDiskFreeSpaceExA
GetUserDefaultLangID
GetBinaryTypeW
LoadLibraryExA
GetModuleFileNameW
UnmapViewOfFile
PurgeComm
GetDriveTypeA
CloseHandle
EraseTape
CreatePipe
GlobalReAlloc
SetThreadLocale
VirtualAllocEx
UnhandledExceptionFilter
EnumResourceNamesW
WriteFile
ExitProcess
user32
CheckMenuItem
GetMessageW
RegisterClassExW
ShowCursor
LoadCursorW
SetMenuItemBitmaps
GetNextDlgGroupItem
CreateIconIndirect
GetMenuStringA
OffsetRect
RegisterDeviceNotificationA
CreateDialogParamA
GetMenuInfo
IsDlgButtonChecked
EnumDesktopsA
GetUpdateRect
GetKeyboardLayoutNameW
CascadeWindows
ChangeMenuA
RegisterClipboardFormatW
ReleaseCapture
GetClassInfoExA
RegisterClassW
PostMessageW
EndDeferWindowPos
GetClipboardFormatNameA
wvsprintfW
DestroyCaret
DefDlgProcA
EnumChildWindows
SetForegroundWindow
SetMenuInfo
GetMenuItemInfoA
LoadCursorFromFileW
DrawTextA
FindWindowExA
GetDlgItemTextA
GetMessageExtraInfo
DestroyAcceleratorTable
CallWindowProcA
DefDlgProcW
SwitchToThisWindow
EnumWindowStationsA
GetClassLongW
InflateRect
GetWindowRgn
CreateAcceleratorTableW
RegisterClassExA
GetMonitorInfoW
GetWindowRect
CharToOemA
LoadAcceleratorsW
IsChild
ExcludeUpdateRgn
ShowScrollBar
PostThreadMessageW
DestroyMenu
SetWindowsHookExW
GetKeyboardLayoutList
LoadImageA
EnumDisplaySettingsW
CharPrevW
IsClipboardFormatAvailable
MapVirtualKeyA
comdlg32
ChooseFontA
advapi32
GetLengthSid
SetTokenInformation
NotifyChangeEventLog
CryptImportKey
CreateServiceW
EnumDependentServicesA
EnumDependentServicesW
RegCreateKeyExW
RegDeleteValueA
RegCreateKeyW
RegSetValueExW
UnlockServiceDatabase
SetSecurityDescriptorSacl
GetNamedSecurityInfoW
CryptGetHashParam
ObjectDeleteAuditAlarmW
AccessCheckAndAuditAlarmA
GetSecurityDescriptorLength
RegReplaceKeyW
DeleteService
PrivilegeCheck
IsTextUnicode
RegisterEventSourceW
AllocateAndInitializeSid
AddAce
SetFileSecurityW
GetSecurityDescriptorGroup
EnumServicesStatusA
ChangeServiceConfigW
GetNamedSecurityInfoA
ClearEventLogW
LookupPrivilegeValueA
shell32
SHChangeNotify
FindExecutableW
SHGetPathFromIDListA
ole32
CoGetObject
oleaut32
VariantCopy
QueryPathOfRegTypeLi
SysFreeString
LoadTypeLibEx
SysStringLen
SafeArrayGetLBound
SafeArrayPutElement
comctl32
ImageList_GetIcon
ImageList_DragEnter
shlwapi
PathRemoveBackslashW
StrChrIW
PathIsUNCServerW
SHOpenRegStream2W
PathSkipRootW
Sections
.text Size: 3KB - Virtual size: 219KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ