24cef8c773e18a75e415546580c5d229_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24cef8c773e18a75e415546580c5d229_JaffaCakes118
Size

70KB
MD5

24cef8c773e18a75e415546580c5d229
SHA1

29c327147258805fcadd52c3f4efcbb23048ccd5
SHA256

a90681b3f55f5b6af4f82d289f0a13226a0c85292200ee6a78425b13c55ef46b
SHA512

27340ed426c3348bcca9c8a8b33fcb0206382caad6efa48bf5c8e0df4fd041f0c7c2f992042f29fd8dd803acd06cf1ebe1d12d994da0c7cc742e66abae4383ea
SSDEEP

1536:F1hF98mhJkeFZsL0VzEQRrXTj/tEjM01XfH3QocVfsE0zw9BtpQEtjguKWCWnEHl:F1hFLAebsylr7oWEpAB/Qe1KWPnQ3H7T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24cef8c773e18a75e415546580c5d229_JaffaCakes118

Files

24cef8c773e18a75e415546580c5d229_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ab12d9729476376c803afd203158554

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetLogicalDrives
SleepEx
GetModuleHandleW
GetTickCount
VirtualQueryEx
OpenProcess
GlobalAlloc
WideCharToMultiByte
LoadLibraryW
Sleep
CopyFileW
SizeofResource
ReadProcessMemory
GetFileAttributesW
CreateProcessA
SetSystemPowerState
TerminateProcess
ReadFile
GetModuleFileNameW
CreateFileW
lstrcatA
MultiByteToWideChar
lstrlenW
GetStartupInfoW
GlobalUnlock
GetLastError
GetCurrentDirectoryW
SetLastError
GetProcAddress
VirtualAlloc
DefineDosDeviceW
GlobalLock
VirtualAllocEx
GlobalFree
FindClose
GetLocalTime
Process32FirstW
LockResource
GlobalMemoryStatusEx
SetCurrentDirectoryW
RemoveDirectoryW
QueryDosDeviceW
SetProcessWorkingSetSize
DeviceIoControl
GetModuleFileNameA
Process32NextW
lstrcmpiW
lstrcatW
FindNextFileW
CreateToolhelp32Snapshot
GetFileAttributesExW
GetDiskFreeSpaceExW
CloseHandle
DeleteFileW
GetCurrentProcessId
WriteProcessMemory
ResumeThread
lstrcpyW
SetFileAttributesW
CreateThread
ExpandEnvironmentStringsW
CreateDirectoryW
SetEnvironmentVariableW
GetLogicalDriveStringsW
GetCurrentProcess
CreateProcessW
LoadResource
FreeLibrary
FindResourceW
GetDriveTypeW
lstrlenA
FreeResource
SetThreadContext
FindFirstFileW
SearchPathW
GetFileSize
GetThreadContext
GetCommandLineW
VirtualProtectEx
ExitProcess

user32

GetAsyncKeyState
InvalidateRect
GetWindowLongW
GetWindowTextW
EnableMenuItem
LoadIconW
RegisterClassExW
GetKeyboardState
TranslateMessage
CharUpperW
SetWindowLongW
EndDialog
SetWindowPos
GetCursorPos
LoadStringW
SetLayeredWindowAttributes
ShowWindow
CreatePopupMenu
SendMessageTimeoutW
CreateWindowExW
EndPaint
GetDC
DestroyWindow
keybd_event
SetCursor
SetTimer
GetWindowRect
SetActiveWindow
GetMessageW
PostQuitMessage
TrackPopupMenu
FillRect
ChangeDisplaySettingsW
PostMessageW
DrawTextW
KillTimer
DialogBoxIndirectParamW
DrawIconEx
SetForegroundWindow
DialogBoxParamW
GetParent
LoadCursorW
FindWindowW
CreateMenu
SetFocus
BeginPaint
PtInRect
wsprintfW
GetDlgItem
DispatchMessageW
EnumDisplaySettingsW
DefWindowProcW
MessageBoxW
GetSystemMetrics
SetDlgItemTextW
SendMessageW
EnableWindow
UnregisterHotKey
DestroyMenu
SetWindowTextW
DestroyIcon
RegisterHotKey
CallWindowProcW
AppendMenuW

gdi32

SetTextColor
SetBkColor
SetBkMode
DeleteObject
SelectObject
CreateFontW
GetStockObject
AddFontResourceW
CreateSolidBrush

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

ControlService
AdjustTokenPrivileges
StartServiceW
LookupPrivilegeValueW
OpenServiceW
OpenSCManagerW
OpenProcessToken
CloseServiceHandle

shell32

DragQueryFileW
ExtractIconW
SHFileOperationW
Shell_NotifyIconW
SHChangeNotify
SHGetFileInfoW
DragAcceptFiles
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
SHGetSpecialFolderPathW

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoInitialize

shlwapi

StrCmpNIW
SHDeleteKeyW
SHGetValueW
StrToIntExW
StrRChrW
StrCpyNW
StrStrW
StrStrIW
StrChrW
SHSetValueW
StrToIntW
SHDeleteValueW

msvcrt

memmove
free
malloc
_purecall
??3@YAXPAX@Z
realloc
memset
atof
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_gcvt

setupapi

SetupDiGetINFClassW
SetupDiGetClassDevsW
SetupIterateCabinetW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

WCMD
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ab12d9729476376c803afd203158554

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

msvcrt

setupapi

Sections

WCMD Size: 55KB - Virtual size: 55KB

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 13KB - Virtual size: 12KB

WCMD
Size: 55KB - Virtual size: 55KB

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 13KB - Virtual size: 12KB