23d505c29600133f31954837edfd5393_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

23d505c29600133f31954837edfd5393_JaffaCakes118
Size

2.1MB
MD5

23d505c29600133f31954837edfd5393
SHA1

3ec68cbfe80c6c88fab228ecf25a90511a0681ff
SHA256

79502b69610594ab8e8cafe60ed09f16b7ed3dd3784d458e6f333463bab5d0bf
SHA512

b9b2bb9b5e75b79b067f879745d2089dc15d520d7bb0685912a697c1eedfe8d378a6534f56626932c8ee26d10dc80ae148b66cf9ccb3c40f47f688075701308a
SSDEEP

49152:291pG0TMARxLnO6YvzcxYz1JdCDMGVDEseh7mlY:yrRAAvLnvYvzS2he9edIY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23d505c29600133f31954837edfd5393_JaffaCakes118

Files

23d505c29600133f31954837edfd5393_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9171ac0d2d583f6dde4b93cc3b9d44c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

FindExecutableA
SHFileOperationA
Shell_NotifyIconA
SHGetSpecialFolderPathA

comctl32

ImageList_LoadImageA

kernel32

PrepareTape
PeekConsoleInputW
GetPrivateProfileStringW
SetNamedPipeHandleState
ExitProcess
GetModuleFileNameW
GlobalFindAtomA
DeleteFiber
SetEvent
WaitNamedPipeA
GetCompressedFileSizeW
WriteConsoleOutputW
GetProcessHeap
GetFileAttributesExA
FormatMessageA
LoadLibraryExW
EnumDateFormatsW
GetBinaryTypeW
_llseek
GetBinaryTypeA
GetAtomNameA
CreateNamedPipeW
ClearCommBreak
CreateWaitableTimerA
WritePrivateProfileSectionA
FatalAppExitA
CompareStringW
SetupComm
GetVolumeInformationW
VirtualProtect
GetVersion
SetErrorMode
WriteConsoleOutputCharacterA
GetThreadPriority
FlushFileBuffers
GetCommModemStatus
ReadFileScatter
lstrcpynA
SetMailslotInfo
FormatMessageW
IsBadReadPtr
GetDiskFreeSpaceW
EndUpdateResourceA
UnmapViewOfFile
GetFileInformationByHandle
WritePrivateProfileStructA
ReadFile
RaiseException
lstrcmpiA
AreFileApisANSI
OpenFile
FindFirstFileW
GetPrivateProfileSectionW
GetSystemInfo
Beep
SetProcessAffinityMask
GetLocaleInfoW
FindResourceExW
GlobalAddAtomW
FreeLibrary
GlobalGetAtomNameW
SetThreadLocale
EraseTape
GetTapeStatus
FreeResource
GlobalReAlloc
FindResourceExA
EnumResourceLanguagesW
GlobalFlags
SetConsoleOutputCP
EnumResourceNamesW
FreeEnvironmentStringsA
GetStartupInfoA
EnumResourceNamesA
FindCloseChangeNotification
GetLargestConsoleWindowSize
ConnectNamedPipe
_lclose
DuplicateHandle
GetWindowsDirectoryA
CreateIoCompletionPort
PulseEvent
GetCurrentProcessId
FileTimeToLocalFileTime
MultiByteToWideChar
DeleteCriticalSection
CloseHandle
GetPrivateProfileStringA
GetDriveTypeW
GetCPInfo
IsProcessorFeaturePresent
IsValidLocale
SwitchToFiber
CreateEventA
LocalFileTimeToFileTime

user32

DrawStateW
GetCaretBlinkTime
MessageBoxIndirectW
SetWindowRgn
GetMessageTime
IsWindowVisible
keybd_event
GetScrollPos
GetThreadDesktop
SetWindowLongW
GetClassLongW
SetWindowPlacement
GetDlgItem
GetGuiResources
SetPropA
AttachThreadInput
OpenClipboard
PostQuitMessage
GetMenuItemRect
FrameRect
InsertMenuW
PtInRect
BringWindowToTop
GetWindowTextW
SetWindowsHookW
DrawTextExW
RegisterClassW
CharUpperBuffA
GetKeyNameTextA
GetDlgItemTextW
RegisterDeviceNotificationA
ShowCursor
BeginPaint
EnumChildWindows
LoadCursorA
SetScrollInfo
CreatePopupMenu
FlashWindow
MessageBoxA
SetClipboardData
InflateRect
GetScrollBarInfo
DestroyIcon

msvcrt

_strncoll
malloc
longjmp
_sopen
freopen
difftime
strncpy
wcsspn
_i64tow
__doserrno
getenv
_wsplitpath
_strcmpi
islower
_mbsncmp
swprintf
iswctype
_wctime
_tell
_wmakepath
wcstol
_ui64tow
_wcslwr
_locking
_lseek
setlocale
_wcsrev
_strnicmp
_mbsnbcmp
_setmbcp
isalpha
_mbsicmp
fgetws
ftell
_umask
_wcsicoll
_endthreadex
strtol
strpbrk
strncmp
_mbsnextc
_kbhit
_open
_setmode
_ismbblead
floor
_unlink
fputwc
iswprint
tmpnam
_getcwd
__p___argc
_wcsdup
fgetwc
_fsopen
_mbsnbcpy
wcstod

Sections

.text
Size: 8KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9171ac0d2d583f6dde4b93cc3b9d44c8

Headers

File Characteristics

Imports

shell32

comctl32

kernel32

user32

msvcrt

Sections

.text Size: 8KB - Virtual size: 225KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 225KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB