1c59d629cd88cc11b1989cd42c4bb895_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c59d629cd88cc11b1989cd42c4bb895_JaffaCakes118
Size

380KB
MD5

1c59d629cd88cc11b1989cd42c4bb895
SHA1

de219625e0d582044a235573f710dab0d92a9c33
SHA256

65e1ff12c6a576df07599a02689bf6aaf6afd95a1bafe2e323be2cfa4917d5d2
SHA512

7a5f8ca4a225d9b5f97007a8ac7ed9528e5548ba37c491b76e52120bc95684a383129fdc94ed3a805b19da93b0519310afb87d4821edb1bf12ce6d5cf6acde1e
SSDEEP

6144:tCOdRgCe6vILrdeqFJJlbRfxs1ApmrCBFT7b92BDqAeTlpCYWouQ:tryF6wPdFvJl9O1Kmr2fffl8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c59d629cd88cc11b1989cd42c4bb895_JaffaCakes118

Files

1c59d629cd88cc11b1989cd42c4bb895_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08724301bc69c7cba0039b446f09a376

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
_hread
SetStdHandle
GetCompressedFileSizeW
GetCommState
SetProcessShutdownParameters
FindFirstFileA
LeaveCriticalSection
GetACP
SetEvent
FatalAppExitA
FillConsoleOutputCharacterA
IsBadWritePtr
FindNextChangeNotification
VirtualLock
GetProfileStringA
VirtualProtect
lstrcmpA
GetProfileIntA
DuplicateHandle
TlsGetValue
CreatePipe
GetUserDefaultLCID
CloseHandle
GlobalAddAtomA
ExpandEnvironmentStringsW
SetCommTimeouts
GetUserDefaultLangID
ReleaseMutex
GetCommandLineW
GetPrivateProfileStringW
WritePrivateProfileSectionA
GetLargestConsoleWindowSize
FormatMessageA
GlobalAddAtomW
CompareStringA
IsDBCSLeadByteEx
WritePrivateProfileStringA
OpenSemaphoreW
ReadDirectoryChangesW
CreateNamedPipeW
GetTempFileNameA
SetMailslotInfo
WritePrivateProfileSectionW
LocalFileTimeToFileTime
VirtualUnlock
OpenMutexA
SetHandleCount
LocalReAlloc
SetEnvironmentVariableW
SetConsoleMode
FreeEnvironmentStringsA
SetVolumeLabelA
UnhandledExceptionFilter
CreateDirectoryA
GetSystemTime
SetSystemTime
SetThreadAffinityMask
CreateProcessA
VirtualAllocEx
GetProcessHeap
CreateFileW
SetProcessAffinityMask
CreateMutexW
CreateIoCompletionPort
FileTimeToLocalFileTime
EnumCalendarInfoW
GetEnvironmentVariableW
GlobalFindAtomW
GetThreadContext
GetTapeParameters
SetConsoleActiveScreenBuffer
EnumResourceLanguagesW
GlobalDeleteAtom
GetHandleInformation
ReleaseSemaphore
GetCurrentProcess
LoadLibraryExA
SetCommMask
GetCommandLineA
GetVersionExA
lstrlenA
SuspendThread
ExitProcess

user32

PostThreadMessageA
mouse_event
IsDialogMessageW
LoadKeyboardLayoutA
GetClassNameW
GetClipboardFormatNameW

gdi32

PolyBezier
GetNearestPaletteIndex
SetViewportOrgEx
StartPage

comdlg32

ChooseColorW
ReplaceTextW
GetOpenFileNameA
GetSaveFileNameA

advapi32

QueryServiceConfigW
RegConnectRegistryA
RegCreateKeyW
EnumServicesStatusW
LogonUserW
GetSecurityDescriptorControl
RegQueryValueExW
RegSetValueA
LookupPrivilegeValueW
AddAccessDeniedAce
RegEnumKeyExW
EnumDependentServicesA
GetAclInformation
RegCreateKeyA
RegOpenKeyA
SetSecurityDescriptorGroup
SetPrivateObjectSecurity
CryptImportKey
RegCreateKeyExA
CryptExportKey
NotifyBootConfigStatus
CryptDecrypt
CryptSetProvParam
RegFlushKey
QueryServiceStatus
RegisterEventSourceW

ole32

ReadFmtUserTypeStg
CoQueryProxyBlanket
StgCreateStorageEx
OleSetMenuDescriptor

oleaut32

SysAllocStringLen
SafeArrayGetLBound
VariantCopy
SysStringLen

comctl32

ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_GetImageInfo

shlwapi

StrDupW
PathUnquoteSpacesA
SHRegCreateUSKeyW
AssocCreate
StrCmpLogicalW
StrToIntW

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08724301bc69c7cba0039b446f09a376

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 332KB - Virtual size: 331KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 36KB - Virtual size: 32KB

.text
Size: 332KB - Virtual size: 331KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 36KB - Virtual size: 32KB