1a79efa01f1967f572a32e32ca006584_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a79efa01f1967f572a32e32ca006584_JaffaCakes118
Size

426KB
MD5

1a79efa01f1967f572a32e32ca006584
SHA1

54ea94a32c75e2a9e4b1c6fa7967b71d4bef22d0
SHA256

3221cd09e7b35ee47f6ef6a67701e23a4cde2d7b847829599ed61ecab2bc608c
SHA512

48439e782d657803104b50dff8fb7d3571c2cea7a816aaa6ef52fc1d2322d8ac5afa259fb192b38844469fcc7e25b8539bf3d9f0707f1782cb26fc4597e1eb4d
SSDEEP

6144:33mcypSXaS5UOUdLd8J9z5CR6wyK+lZlc3G0B/cNN/wQ8vnbUumaXxLcatV+qK:GcVbRUDI9A3W43G0lZvnbUNahLc8U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a79efa01f1967f572a32e32ca006584_JaffaCakes118

Files

1a79efa01f1967f572a32e32ca006584_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c57c4ebbe0a1e40c8f6ed1bbb7dbeee9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogA
LoadModule
SetConsolePalette
GetStartupInfoA
GetConsoleHardwareState
FindFirstFileA
lstrcmpiW
AllocConsole
Sleep
GetSystemDirectoryW
FindResourceA
GetModuleHandleA
LocalFree
SetCommBreak
EnumSystemCodePagesA
ShowConsoleCursor
UpdateResourceW
GetSystemTimeAdjustment
InterlockedIncrement
Thread32First
GetLocalTime
ContinueDebugEvent
ExitProcess
LocalAlloc
MoveFileExA
GetThreadPriorityBoost
SetLastError
EnumTimeFormatsA
VirtualFree
GetAtomNameA
VirtualAlloc
GetModuleHandleW
GetCommTimeouts
WriteConsoleOutputCharacterW
SearchPathW
DeviceIoControl
EnumSystemLocalesA
GetDefaultCommConfigA
GetCurrentProcessId
FindNextChangeNotification
IsBadReadPtr
OpenSemaphoreW
GlobalFix
lstrcmpiA
VirtualAllocEx
FormatMessageA
GetCurrentThreadId

gdi32

GetRandomRgn
GetMiterLimit
GetGlyphOutline
SetDIBits
EnumFontsA
EnumICMProfilesA
GetPolyFillMode
CreateColorSpaceA
AddFontResourceA
SetDIBColorTable
GetStockObject
GetMetaRgn
SetWindowOrgEx
GetCurrentPositionEx
GetTextExtentPointW
GetViewportExtEx
CopyEnhMetaFileA
GetCurrentObject
GetStretchBltMode
GetLogColorSpaceW
GetGraphicsMode
GetOutlineTextMetricsA
GetSystemPaletteUse
GdiGetBatchLimit
SetPolyFillMode
GetPixelFormat
CancelDC
ExtSelectClipRgn
GetCharWidth32A

advapi32

RegLoadKeyW
RegSetValueExA
ObjectDeleteAuditAlarmA
InitializeSecurityDescriptor
RegQueryMultipleValuesA
SetNamedSecurityInfoA
LsaSetSecret
I_ScSetServiceBitsA

comdlg32

ChooseColorW

msvcrt

_wchmod
fscanf
wcslen
_unloaddll
_hypot
_strcmpi
_sys_nerr
gets
_strdup
strcoll
_wspawnl
_ismbcl1
_fileinfo
_wexecl
_strnset
atol
wcstoul
wcspbrk
_endthread
wcsncpy
_callnewh
puts
_makepath

ole32

CreateDataCache
OleDestroyMenuDescriptor
OleGetAutoConvert
CoGetInterfaceAndReleaseStream
OleNoteObjectVisible
OleMetafilePictFromIconAndLabel
GetHookInterface

user32

CharLowerBuffW
ChildWindowFromPoint
CountClipboardFormats
DlgDirSelectComboBoxExW
CreateIconIndirect
ChangeClipboardChain
DrawAnimatedRects
FrameRect
GetClassWord
CreateDialogIndirectParamW
CopyRect

Sections

.text
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wazib
Size: 120KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fllip
Size: 148KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vyni
Size: 148KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c57c4ebbe0a1e40c8f6ed1bbb7dbeee9

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

comdlg32

msvcrt

ole32

user32

Sections

.text Size: 8KB - Virtual size: 9KB

.wazib Size: 120KB - Virtual size: 315KB

.fllip Size: 148KB - Virtual size: 194KB

.vyni Size: 148KB - Virtual size: 459KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 9KB

.wazib
Size: 120KB - Virtual size: 315KB

.fllip
Size: 148KB - Virtual size: 194KB

.vyni
Size: 148KB - Virtual size: 459KB

.reloc
Size: 1024B - Virtual size: 1KB