23c30bfc1893df58bdad911fbd00b6a3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

23c30bfc1893df58bdad911fbd00b6a3_JaffaCakes118
Size

340KB
MD5

23c30bfc1893df58bdad911fbd00b6a3
SHA1

f014efb2b4a531c2167e98d86c0f274bf7b060c0
SHA256

9d6cc28dd3f9ac509d8797f24e8589b4a53e5278d148b6b816e16b7d591dbad8
SHA512

6cb37e642826d02ca523062779d7c733ba7826a3940942b45ac6f4605e773b4980793e6feb218284c833ef079ef3c57a5d609b524430820ae817ebd141e3e336
SSDEEP

6144:Sdf1TUMdVMbHD99zFBSKBr9JwSSDxmcsdYHFOMvPXPD7jHaUMjs0:ofNUMdVkjj5RyNDkcusvPXPD7jL0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23c30bfc1893df58bdad911fbd00b6a3_JaffaCakes118

Files

23c30bfc1893df58bdad911fbd00b6a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

996da19ef20c8dbed4c968253e3dc22d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConnectNamedPipe
ExitProcess
GetCommandLineW
PrepareTape
LeaveCriticalSection
VirtualQueryEx
FreeLibrary
EnumSystemCodePagesA
CreateFileW
_llseek
GetComputerNameW
CreatePipe
GetDriveTypeW
CreateEventA
SetupComm
_lread
GetThreadPriority
CreateWaitableTimerA
CompareStringW
GetDiskFreeSpaceW
GetSystemInfo
IsDBCSLeadByteEx
GetTickCount
LocalReAlloc
CloseHandle
FatalAppExitA
GetBinaryTypeA
GenerateConsoleCtrlEvent
IsBadWritePtr
WritePrivateProfileStringW
GetLargestConsoleWindowSize
CreateDirectoryExA
GetFullPathNameA
WriteConsoleOutputCharacterA
GetShortPathNameW
SetFileAttributesA
SetLastError
CreateDirectoryW
WritePrivateProfileStructA
SetThreadLocale
EnumTimeFormatsW
GetSystemTime
GetWindowsDirectoryA
RemoveDirectoryW
SetEnvironmentVariableA
ReadFileScatter
FindFirstFileA
GetFileType
GetSystemDefaultLangID
FreeLibraryAndExitThread
SuspendThread
GetProcessTimes
UnhandledExceptionFilter
IsBadReadPtr
CreateNamedPipeW
CreateMutexW
WriteProcessMemory
GetDateFormatA
SetStdHandle
AllocConsole
IsValidLocale
WaitNamedPipeA
GlobalDeleteAtom
FormatMessageA
GetEnvironmentStringsW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetSystemTime
LoadLibraryExW
SizeofResource
WritePrivateProfileSectionW
FindResourceExW
TlsGetValue
VirtualProtect
GetVersionExA
SetVolumeLabelA
OutputDebugStringA
GlobalFindAtomA
ReadDirectoryChangesW
MultiByteToWideChar
lstrcatW
LocalSize
VirtualFree
PurgeComm
GetModuleFileNameW
GetEnvironmentVariableW
GetCommandLineA

user32

SwitchToThisWindow
IsCharLowerA
HideCaret
DrawTextExW
CreateAcceleratorTableW
GetScrollInfo
SetProcessWindowStation
GetTitleBarInfo
BringWindowToTop
GetCaretBlinkTime
ScrollDC
GetKeyNameTextW
IsCharAlphaW
GetClipboardViewer
FillRect
CharUpperBuffA
EnumDisplayDevicesW
CloseDesktop
SetParent
UnhookWindowsHook
UnregisterClassW
TrackMouseEvent
SetActiveWindow
GetParent
GetWindowThreadProcessId
IsCharAlphaA
FlashWindowEx
KillTimer
EnumDesktopsW
GetClassNameA
CharPrevA
DialogBoxIndirectParamA
LoadMenuIndirectA
GetScrollBarInfo
DestroyIcon
DrawCaption
SetClassLongA
EndDeferWindowPos
MenuItemFromPoint
InsertMenuItemA
EnableMenuItem
GetWindowDC
DeferWindowPos
GetMenuItemCount
GrayStringW
GetMonitorInfoA
GetUpdateRect
TranslateAcceleratorA
SetCaretBlinkTime
GetClassLongA
GetCapture
SetWindowContextHelpId
InsertMenuItemW
GetTabbedTextExtentA

gdi32

CreateDIBitmap
PolylineTo
GetMetaFileBitsEx
GetTextMetricsA
SelectObject

comdlg32

ChooseFontA
CommDlgExtendedError

advapi32

GetExplicitEntriesFromAclW
StartServiceW

ole32

OleFlushClipboard
CoReleaseMarshalData
OleCreateLink
OleCreateMenuDescriptor
CoRegisterMallocSpy
ReadClassStg

oleaut32

SafeArrayPutElement
SafeArrayUnaccessData

comctl32

ImageList_EndDrag
ImageList_Add

shlwapi

PathIsDirectoryEmptyW
SHRegGetUSValueW
StrCatBuffA
PathIsRelativeW
StrToIntExW
SHSetValueW
SHAutoComplete
StrRStrIW
StrFormatKBSizeW
SHEnumValueW
StrCmpIW
wnsprintfA

setupapi

SetupDiRemoveDevice
SetupGetTargetPathW
SetupIterateCabinetW
SetupDiSetSelectedDevice
SetupCommitFileQueueA
SetupFindNextLine
SetupDiEnumDeviceInterfaces
SetupDiBuildClassInfoList

Sections

.text
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

996da19ef20c8dbed4c968253e3dc22d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 288KB - Virtual size: 284KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 40KB - Virtual size: 38KB

.text
Size: 288KB - Virtual size: 284KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 40KB - Virtual size: 38KB