223b465dc6f936167e7d9ca61d9a1ddd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

223b465dc6f936167e7d9ca61d9a1ddd_JaffaCakes118
Size

271KB
MD5

223b465dc6f936167e7d9ca61d9a1ddd
SHA1

a339259f482bab28ab7b21604abde292f47938e1
SHA256

bc1a71c29256144feb0a4a313fe336baf6504db7b7139a91518e3db5a190efe4
SHA512

5a68143d239c69ff07c305776b27f056fb7ec75e4d32da9f079f9f1d8b201b51ef7c40499db96645dd06dea6bce71bd96766e852c50458b2e0d2c1719cf38911
SSDEEP

6144:p1hbiJgH27vSjZuCLMkYr6vv/Ha3G9SL6Nn6+QeJlM:4J5UZuCL5coarD+Q2lM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
223b465dc6f936167e7d9ca61d9a1ddd_JaffaCakes118

Files

223b465dc6f936167e7d9ca61d9a1ddd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1075cf6cf1cd1bc9c5916d723d59d737

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_GetIconSize

kernel32

CreateDirectoryW
GetFileAttributesW
MoveFileW
GetVersionExW
CreateEventW
SetEvent
WaitForMultipleObjects
DuplicateHandle
InitializeCriticalSection
CreateMutexW
OpenMutexW
LocalFree
FindResourceW
LocalAlloc
GetModuleHandleA
lstrcmpA
lstrlenA
GetCurrentThread
GetTickCount
FileTimeToSystemTime
GetTempFileNameW
IsBadStringPtrA
MultiByteToWideChar
lstrlenW
lstrcpynW
GetFullPathNameA
lstrcpynA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
GetStartupInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
RaiseException
HeapCreate
ExitProcess
TlsAlloc
SetUnhandledExceptionFilter
GetVersion
GetFileAttributesA
GetCurrentThreadId
GetCurrentProcessId
GetTempPathW
LoadLibraryW
SetErrorMode
GetModuleHandleW
WaitForSingleObject
GetCurrentProcess
GetLastError
Sleep
FreeLibrary
GetModuleFileNameW
GetProcessHeap
GetVersionExA
FileTimeToLocalFileTime
GetProcAddress

user32

CreatePopupMenu
SetTimer
FindWindowW
TrackPopupMenu
IsDlgButtonChecked
DialogBoxParamW
EndDialog
SetWindowPos
GetDesktopWindow
SetWindowTextW
GetMenuItemInfoW
GetMenuItemCount
InsertMenuItemW
AppendMenuW
MessageBoxW
PeekMessageW
LoadImageW
CreateWindowExW
IsWindow
SetWindowLongW
SendMessageW
PostMessageW
GetMenuItemID
IsMenu
TrackPopupMenuEx
DestroyMenu

gdi32

DeleteObject

advapi32

RegEnumKeyW
RegDeleteKeyA
EqualSid
RegQueryValueExA
RegOpenKeyA
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

shell32

ord680
ShellExecuteExW
SHGetDesktopFolder

ole32

CoInitializeEx
CoUninitialize

scecli

SceStartTransaction
SceGenerateGroupPolicy
SceDcPromoCreateGPOsInSysvol
SceSetDatabaseSetting
SceSysPrep
SceSetupSystemByInfName

cnvfat

IsConversionAvailable

Sections

.edata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bRTpw
Size: 1KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.B
Size: 2KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bGXVb
Size: 2KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BmDA
Size: 3KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 105KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Gft
Size: 4KB - Virtual size: 563KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 109KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DI
Size: 2KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IYyXV
Size: 2KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1075cf6cf1cd1bc9c5916d723d59d737

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

scecli

cnvfat

Sections

.edata Size: 6KB - Virtual size: 6KB

.bRTpw Size: 1KB - Virtual size: 150KB

.text Size: 18KB - Virtual size: 18KB

.B Size: 2KB - Virtual size: 367KB

.bGXVb Size: 2KB - Virtual size: 26KB

.rdata Size: 3KB - Virtual size: 11KB

.BmDA Size: 3KB - Virtual size: 412KB

.edata Size: 105KB - Virtual size: 180KB

.Gft Size: 4KB - Virtual size: 563KB

.data Size: 7KB - Virtual size: 9KB

.edata Size: 109KB - Virtual size: 173KB

.DI Size: 2KB - Virtual size: 216KB

.IYyXV Size: 2KB - Virtual size: 179KB

.rsrc Size: 2KB - Virtual size: 1KB

.edata
Size: 6KB - Virtual size: 6KB

.bRTpw
Size: 1KB - Virtual size: 150KB

.text
Size: 18KB - Virtual size: 18KB

.B
Size: 2KB - Virtual size: 367KB

.bGXVb
Size: 2KB - Virtual size: 26KB

.rdata
Size: 3KB - Virtual size: 11KB

.BmDA
Size: 3KB - Virtual size: 412KB

.edata
Size: 105KB - Virtual size: 180KB

.Gft
Size: 4KB - Virtual size: 563KB

.data
Size: 7KB - Virtual size: 9KB

.edata
Size: 109KB - Virtual size: 173KB

.DI
Size: 2KB - Virtual size: 216KB

.IYyXV
Size: 2KB - Virtual size: 179KB

.rsrc
Size: 2KB - Virtual size: 1KB