10125639d6ac205e8e3f3c232f067f72_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10125639d6ac205e8e3f3c232f067f72_JaffaCakes118
Size

380KB
MD5

10125639d6ac205e8e3f3c232f067f72
SHA1

886e25c2c2b5a719ca97ef93bb850afa85891357
SHA256

e9aa06b07aad5f1efd26693c7b7d09977990e18f47190e0b0e91b7200bc61bfb
SHA512

a890466f42050e5d0ccec298eacc52fd41a56ab8beded67e6267c14ee46aa8242995ec3470a2c37e7b8e6087aac4a2ae5e7109891c3c57a6e632ffa527f423a0
SSDEEP

6144:jHmzMe3ZKpplTrUFaEnuKlJD2qhiVrBDPi87DxmLX2xq5otuBNukc1pp1NN5eQQl:bGZpgKaEnuylEK877qGcHIeVeAB9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10125639d6ac205e8e3f3c232f067f72_JaffaCakes118

Files

10125639d6ac205e8e3f3c232f067f72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccd21ed725d89ffd6fb0379481d6394f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
SetConsolePalette
LZCopy
OpenMutexA
MapUserPhysicalPagesScatter
SetTimerQueueTimer
SetThreadPriority
GetNumberOfConsoleFonts
WinExec
OutputDebugStringA
VirtualFreeEx
GetCurrentThreadId
SetEvent
GetStringTypeExW
GetConsoleAliasExesLengthA
GetSystemTimeAsFileTime
CloseConsoleHandle
QueryInformationJobObject
SetConsoleDisplayMode
GetThreadLocale
SetHandleInformation
WriteConsoleOutputA
LZCloseFile
GetCommMask
GetProcessShutdownParameters
GetTickCount
GetProcessAffinityMask
GetTimeFormatA
CreateTimerQueue
WriteProcessMemory
GetDevicePowerState
FindNextVolumeMountPointW
GetVersionExA
GetConsoleTitleA
LZSeek
SetErrorMode
SetFileAttributesA
WaitCommEvent
_lcreat
IsSystemResumeAutomatic
HeapSize
GetAtomNameA
GetProcessHandleCount
GetCommandLineA
SetCurrentDirectoryA
OpenJobObjectA
GetConsoleAliasA
SetConsoleMaximumWindowSize
SetLocaleInfoA
GetCalendarInfoA
GetModuleHandleA
QueueUserWorkItem
Process32First
GetTempPathA
CopyFileExW
GetProfileIntA
SetWaitableTimer
GetPriorityClass
Thread32Next
SetFileShortNameA
MoveFileExA
SetThreadContext
CopyFileA
GetLocaleInfoA
LoadLibraryExW
ReadConsoleInputA
CreateDirectoryA
CreateEventA
GetCurrentProcessId
VerifyVersionInfoA
CancelWaitableTimer
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetFileTime
GetProcessIoCounters
SetThreadLocale
GetConsoleCommandHistoryLengthW
FindNextVolumeA
EnumResourceNamesA
GetEnvironmentVariableA
UnregisterWait
IsBadReadPtr
SetConsoleMenuClose
VirtualAllocEx
SetConsoleHardwareState
GetFullPathNameA
FindVolumeMountPointClose
SetFileShortNameA
CancelWaitableTimer
GetProcessId
VirtualUnlock
UpdateResourceA
SetFileTime
GetEnvironmentStringsA
LZRead
ReplaceFileA
SetEvent
FindFirstChangeNotificationA
GetCurrentProcessId
FindFirstFileA
HeapDestroy
SetHandleInformation
WriteConsoleOutputCharacterA
ChangeTimerQueueTimer
GlobalUnfix
GetVolumePathNameA
GetConsoleAliasesA
SetConsoleNumberOfCommandsA
SetLocalTime
SetCommTimeouts
WriteConsoleInputA
GetStdHandle
GetThreadTimes
GetProfileSectionA
Toolhelp32ReadProcessMemory
UnlockFileEx
HeapFree
HeapCompact
GetPrivateProfileStructA
GetEnvironmentStringsA
TransmitCommChar
GetSystemDirectoryA
LZDone
WritePrivateProfileStructA
GetLocaleInfoA
PrepareTape
GetProcessHeaps
SetDllDirectoryA
FindNextChangeNotification
GetVolumeInformationA
GetDateFormatA
OpenFileMappingA
CallNamedPipeA
PurgeComm
CompareStringA
DeleteFileA
GetOEMCP
GetProcessHeap
SetConsoleCP
GetTapePosition
SystemTimeToTzSpecificLocalTime
IsBadReadPtr
CreateDirectoryExW
GetProcessVersion
SetCommBreak
CancelWaitableTimer
GetCurrentDirectoryA
Thread32First
GetVolumeInformationA
ClearCommBreak
CompareStringA
GetCPInfoExA
RemoveDirectoryA
GetConsoleMode
lstrcpyA
GetVersion
GetFullPathNameA
ReadConsoleOutputAttribute
GetDiskFreeSpaceA
FlushViewOfFile
RequestWakeupLatency
SetConsoleNumberOfCommandsA
GetCurrencyFormatA
LocalFileTimeToFileTime
GetProcessPriorityBoost
ExitProcess
GetFullPathNameA
FlushViewOfFile
ReplaceFile
Thread32First
GetConsoleCommandHistoryA
AllocConsole
OpenWaitableTimerA
SetMailslotInfo
RequestDeviceWakeup
EnumSystemGeoID

user32

SetMenuContextHelpId
CloseDesktop
CharUpperBuffA
CreateSystemThreads
CreateDialogParamA
UnlockWindowStation
CreateIconIndirect
GetSubMenu
GetQueueStatus
ShowWindow
PtInRect
MessageBoxA
IsCharAlphaA
EnumPropsA
RemoveMenu
DlgDirSelectExA
GetProgmanWindow
InvertRect
CallMsgFilterA
DefMDIChildProcA
DlgDirListComboBoxW
OpenDesktopA
GetKeyState
SetProgmanWindow
SetPropA
GetScrollInfo
DrawFrameControl
DefWindowProcA
SendMessageCallbackA
LoadImageA
GetUpdateRect
UnregisterMessagePumpHook
SystemParametersInfoA
PtInRect
DlgDirListComboBoxA
FlashWindowEx
DlgDirSelectComboBoxExA
DestroyAcceleratorTable
SetWindowWord
DialogBoxParamA
GetKeyboardLayoutList
DlgDirSelectExA
ShowCaret
CascadeChildWindows
GetCaretPos
PostThreadMessageA
TabbedTextOutA
OemToCharBuffA
GetWinStationInfo
DestroyCursor
MapVirtualKeyA
IsCharLowerA
SetScrollPos
RegisterClipboardFormatA
GetListBoxInfo
SetDlgItemTextA
SetInternalWindowPos
EditWndProc
GetQueueStatus
GrayStringA
SetWindowPlacement
CreateWindowStationA
DeleteMenu
AdjustWindowRect
CascadeChildWindows
DrawIcon
CallNextHookEx
GetAncestor
ModifyMenuA
GetRawInputDeviceList
SetThreadDesktop
IsWindowEnabled
DestroyWindow
IsRectEmpty
CheckRadioButton
GetWindowTextA
ReplyMessage
SetWindowLongA
SetCursor
GetClassInfoA
SetCursorContents
GetShellWindow
SetCaretPos
BroadcastSystemMessageExW
CreateMenu

advapi32

DuplicateToken

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 184KB - Virtual size: 427KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccd21ed725d89ffd6fb0379481d6394f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.itext Size: - Virtual size: 2KB

.text Size: 184KB - Virtual size: 427KB

.idata Size: 92KB - Virtual size: 89KB

.rsrc Size: 100KB - Virtual size: 96KB

.itext
Size: - Virtual size: 2KB

.text
Size: 184KB - Virtual size: 427KB

.idata
Size: 92KB - Virtual size: 89KB

.rsrc
Size: 100KB - Virtual size: 96KB