09a2a40188a668d16c081eebf49894fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09a2a40188a668d16c081eebf49894fd_JaffaCakes118
Size

293KB
MD5

09a2a40188a668d16c081eebf49894fd
SHA1

581463037a9e8de3ae55b795950881c86ec09593
SHA256

01702c2484c238637d783aca0be54eff742980a19cc1b9453144c35440616438
SHA512

a36ce5c7f962b14af2419c1c40b75ce96195323885550a200d9c6f629aafaa85a0c5416e24a3fc1d9d4cb5b65bacdd61552b0f9b02840224447fd30d2c0683d5
SSDEEP

6144:uAbyHNP1Yair6VSF4E1Msi+AAwqe/mNrp8oePKBb8s9CwJ6ypC6+:z0CU0F49siFmNmrPKBbfvLB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09a2a40188a668d16c081eebf49894fd_JaffaCakes118

Files

09a2a40188a668d16c081eebf49894fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4311db31ea83708266a7b5ce8516fd66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexW
GetConsoleOutputCP
WaitForSingleObject
WriteProfileSectionA
ResumeThread
PurgeComm
TlsFree
LoadLibraryExW
GetCPInfoExW
GetModuleHandleA
CreateProcessA
HeapDestroy
GetACP
PulseEvent
GetFileType
GlobalSize
GetVersionExA
GetTickCount
EnumResourceLanguagesW
ReadConsoleOutputCharacterW
ExitProcess
EnumResourceNamesW
IsBadReadPtr
FindNextFileW
GetWindowsDirectoryW
FindResourceExW
CreateMailslotW
GetPrivateProfileStructW
GlobalUnlock
RequestWakeupLatency
GetComputerNameW
GetPrivateProfileIntA
ExpandEnvironmentStringsA
Sleep
GetStringTypeW
GetStartupInfoA
SystemTimeToTzSpecificLocalTime
_lopen
OpenProcess
GetPrivateProfileStringW
SetHandleCount
GlobalUnWire
GetLogicalDriveStringsW
GetConsoleCP
GetProfileStringW
OpenEventA
SetErrorMode
GetHandleInformation
WritePrivateProfileStructA
ExpandEnvironmentStringsW
GetProcAddress
WriteConsoleInputA
HeapCreate
GetEnvironmentStringsW
HeapCompact
RaiseException
CallNamedPipeA
SetupComm
GetCommProperties
DeleteFileA
WriteProfileStringA
SetLastError
GetDiskFreeSpaceA
InitializeCriticalSection
ConvertDefaultLocale
GetProfileSectionA
UnhandledExceptionFilter
ContinueDebugEvent

user32

AppendMenuA
IsChild
wvsprintfA
RemovePropA
GetSysColorBrush
GetMessageExtraInfo
CallMsgFilterA
SetScrollInfo
CreateIconIndirect
CountClipboardFormats
DrawAnimatedRects
SetWindowContextHelpId
GetScrollRange
OpenInputDesktop
ModifyMenuW
ToUnicode
SetThreadDesktop
DrawFrameControl
CopyAcceleratorTableW
GetShellWindow
DlgDirListComboBoxA
ChangeDisplaySettingsExW
MessageBoxExA
ModifyMenuA
GetDlgItemInt
EnumDisplaySettingsA
GetDlgItemTextA
MapVirtualKeyExA
DrawMenuBar
GetMenuItemCount
CopyIcon
ChangeDisplaySettingsW
GetMenuDefaultItem
EnumPropsExW

gdi32

EqualRgn
DeleteMetaFile
EnumFontFamiliesExW
SetWindowExtEx
GetTextExtentPoint32A
OffsetClipRgn
SetBrushOrgEx
PolyBezierTo
GetCharWidthW
AbortDoc
GdiGetBatchLimit
OffsetWindowOrgEx
GetClipRgn
GetCharWidthFloatA
Rectangle
StartDocA
LPtoDP
ExtFloodFill
SetWindowOrgEx
SetPaletteEntries
GetCharABCWidthsW
Escape
PolylineTo
OffsetRgn

comdlg32

FindTextW

advapi32

RegConnectRegistryW
CryptAcquireContextW
EnumDependentServicesA
RevertToSelf
GetSidSubAuthorityCount
LookupAccountNameW
SetServiceBits
BuildTrusteeWithNameA
CryptSetProvParam
OpenEventLogW
IsTextUnicode
QueryServiceConfigW
StartServiceA
GetPrivateObjectSecurity
AddAuditAccessAce
RegisterServiceCtrlHandlerW
RegGetKeySecurity
RegReplaceKeyA
QueryServiceObjectSecurity
GetUserNameA
InitializeSid
CryptDestroyKey
PrivilegedServiceAuditAlarmA
RegisterEventSourceW
EqualPrefixSid
CopySid
LockServiceDatabase
GetServiceDisplayNameA
GetKernelObjectSecurity
CryptReleaseContext
RegCreateKeyExA

shell32

SHGetFileInfoW
DragQueryFileW
ShellExecuteExA
SHEmptyRecycleBinW
SHQueryRecycleBinW
SHGetFileInfoA
SHGetSettings

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 277KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bcu8gsfp
Size: 62B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qgcoy5sb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4311db31ea83708266a7b5ce8516fd66

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 277KB - Virtual size: 280KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 9KB - Virtual size: 12KB

bcu8gsfp Size: 62B - Virtual size: 4KB

qgcoy5sb Size: 512B - Virtual size: 4KB

.text
Size: 277KB - Virtual size: 280KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 9KB - Virtual size: 12KB

bcu8gsfp
Size: 62B - Virtual size: 4KB

qgcoy5sb
Size: 512B - Virtual size: 4KB