1731811def4dc9e343fe355ca00640f5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1731811def4dc9e343fe355ca00640f5_JaffaCakes118
Size

3.8MB
MD5

1731811def4dc9e343fe355ca00640f5
SHA1

e422c58d563baf49389735ab90f71022ced4c868
SHA256

fd40769ee96ebf26803b134203973d28111ebb7907361543473e0eb267175ad6
SHA512

43f90c36f4fc36a121110e0c0e0e0357102b8f2b74d3819df99591a3a08f4863067d4dc9141ad175bb56daab6c49e66ed5728a48707ad6d3ab849c65b3dec63a
SSDEEP

98304:xboGZmykfrJNboF8DV4XoDSUgXsb0POgYZNii:6t5doF8DV4YDSeb0GzZNii

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1731811def4dc9e343fe355ca00640f5_JaffaCakes118

Files

1731811def4dc9e343fe355ca00640f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7a20246a2b097abce1fdd8c938fc2b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageW
ImageList_DragShowNolock
CreatePropertySheetPageA
ImageList_EndDrag

oleaut32

SysFreeString
SafeArrayPutElement

advapi32

StartServiceA
NotifyBootConfigStatus
ClearEventLogW
RegCreateKeyExW
SetServiceStatus
CryptDecrypt
RegRestoreKeyW
PrivilegeCheck
BuildSecurityDescriptorW
SetFileSecurityA
GetSecurityDescriptorControl
GetTokenInformation
RegSetValueA

ws2_32

WSANtohs
inet_addr
getsockname
WSAGetQOSByName
WSAConnect
WSASetServiceW
WSAAsyncGetProtoByNumber

kernel32

FindFirstFileExW
GlobalAddAtomA
AllocConsole
GetPrivateProfileStringW
TlsGetValue
GetHandleInformation
SwitchToFiber
VirtualQuery
GetThreadPriority
lstrcpynA
ExitProcess
FreeLibrary
ClearCommBreak
GlobalFree
RemoveDirectoryW
GlobalGetAtomNameW
VirtualUnlock
FormatMessageA
GetCommConfig
UnmapViewOfFile
GetUserDefaultLangID
GetStringTypeExW
GetCommModemStatus
FormatMessageW
ReleaseSemaphore
GlobalFindAtomA
SetEnvironmentVariableA
SetTimeZoneInformation
SetNamedPipeHandleState
GetTempFileNameA
CreateDirectoryExA
GetTapeStatus
CreateIoCompletionPort
FileTimeToLocalFileTime
WaitNamedPipeA
GetSystemTimeAsFileTime
FindFirstFileA
OutputDebugStringW
SetConsoleActiveScreenBuffer
WriteConsoleOutputW
EndUpdateResourceA
DeleteCriticalSection
OutputDebugStringA
PeekNamedPipe
GetFileAttributesExA
lstrcmpiA
WriteFile
SetConsoleWindowInfo
GetProfileIntA
GetSystemDefaultLangID
GetDateFormatA
QueryDosDeviceA
lstrcpyA
IsProcessorFeaturePresent

user32

SwitchDesktop
GetLastActivePopup
EnumChildWindows
GetMenuItemInfoW
IntersectRect
DrawStateA
ShowCaret
DestroyIcon
DrawTextW
InternalGetWindowText
GetCaretPos
ReleaseCapture
MonitorFromPoint
GetActiveWindow
TrackPopupMenuEx
SetDlgItemTextA
EnumDisplaySettingsExA
EmptyClipboard
GrayStringW
DrawTextExW
EnumWindowStationsW
CharNextA
ToUnicode
DrawIcon
RedrawWindow
SetProcessWindowStation
IsCharUpperA
GetClassInfoExW

Sections

.text
Size: 4KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7a20246a2b097abce1fdd8c938fc2b6

Headers

File Characteristics

Imports

comctl32

oleaut32

advapi32

ws2_32

kernel32

user32

Sections

.text Size: 4KB - Virtual size: 223KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 4KB - Virtual size: 223KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 19KB - Virtual size: 18KB