Static task: static1
Behavioral task: behavioral1
Sample: 161a69e802ca6319557d39c1eebc01df_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 161a69e802ca6319557d39c1eebc01df_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 161a69e802ca6319557d39c1eebc01df_JaffaCakes118
Size: 212KB
MD5: 161a69e802ca6319557d39c1eebc01df
SHA1: 2995ec6f35a210059b4e3380d46f9f6e346dda49
SHA256: 4c068995df3e63b0155a9c0de08633c64ac3bb62d8ea8db6bc1cfd5ae4542221
SHA512: 4a123a14e78ee17ae58346edc923c8f544c3cb29bd6aeb300dbf8302c67d5ec896a51fb3e3baa0b8f93d248c8a139bad9882d96f071fd2a49032396db989b28c
SSDEEP: 6144:gXRzWYI4GjwExC498E8I9tHc6Tk3yOa8TLttSsZoj:ghBGLc49/HtJgijS6
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 161a69e802ca6319557d39c1eebc01df_JaffaCakes118
Files
161a69e802ca6319557d39c1eebc01df_JaffaCakes118.exe windows:4 windows x86 arch:x86
2b8b675b1c2e541a10f2a8853d4c3097
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
GlobalFree
ConnectNamedPipe
CreateEventA
FormatMessageA
GlobalAddAtomW
OpenSemaphoreW
GetBinaryTypeW
GetCommConfig
SetMailslotInfo
SetLastError
WriteProcessMemory
PurgeComm
_lclose
GetTempPathW
ReleaseMutex
GetProcessHeap
IsBadStringPtrA
PulseEvent
IsBadWritePtr
CreateFileW
RemoveDirectoryA
PeekNamedPipe
SwitchToFiber
GlobalAddAtomA
CompareStringW
GetSystemTimeAdjustment
SizeofResource
IsDBCSLeadByteEx
VirtualFree
GetFullPathNameA
CompareStringA
GetModuleHandleA
CreateDirectoryA
EnumResourceNamesA
GetDriveTypeW
VirtualQueryEx
EnumResourceLanguagesW
GetACP
lstrcmpiA
OpenMutexA
lstrcpyA
CreateMutexW
GetStartupInfoA
SetThreadAffinityMask
CreateDirectoryW
GetComputerNameW
WriteConsoleOutputCharacterA
SetupComm
FindFirstFileExW
IsBadReadPtr
QueryDosDeviceA
GlobalFindAtomW
GetDiskFreeSpaceW
lstrlenA
lstrcmpiW
VirtualAlloc
user32
GetNextDlgGroupItem
TranslateAcceleratorW
EnableMenuItem
GetThreadDesktop
LoadMenuA
LoadMenuIndirectW
CloseWindow
TranslateMDISysAccel
FlashWindow
SetWindowWord
SetMenu
SetScrollInfo
GetDlgItemInt
ShowCaret
GetMenuDefaultItem
GetActiveWindow
ReplyMessage
MapDialogRect
gdi32
RemoveFontResourceA
SetPolyFillMode
advapi32
SetSecurityDescriptorDacl
CryptSetHashParam
MakeSelfRelativeSD
AccessCheckAndAuditAlarmW
QueryServiceStatus
AddAce
RegQueryValueW
GetExplicitEntriesFromAclW
LogonUserA
AllocateAndInitializeSid
SetSecurityDescriptorSacl
CryptAcquireContextW
CryptVerifySignatureW
CryptVerifySignatureA
SetThreadToken
BuildSecurityDescriptorW
GetTokenInformation
ReadEventLogW
CryptSetKeyParam
shell32
ExtractIconExW
SHGetPathFromIDListA
ole32
CoMarshalInterface
ReadClassStg
StgCreateStorageEx
CreateOleAdviseHolder
oleaut32
SafeArrayUnaccessData
version
VerQueryValueA
msvcrt
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
atoi
_mbsupr
_mkdir
_wcsdup
__doserrno
fgets
fputs
_except_handler3
__set_app_type
Sections
.text Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 200KB - Virtual size: 199KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE