22f5132350661e0a6162aaa53ceb0c13_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

22f5132350661e0a6162aaa53ceb0c13_JaffaCakes118
Size

360KB
MD5

22f5132350661e0a6162aaa53ceb0c13
SHA1

526b7ad59ee8b81c6344c62c4ba4293c75672362
SHA256

870af1e4647d7ebfc81bc2f0b153073feb95938f5c4b3f0ae003fe3da9b88f69
SHA512

f204502aff9fbf6c8c6d7187ea56a51c10b695a2b42a781476cf0ed4061575a41ae3c9782bf1a4a819a25807c57c67b7ad0227f4d1583d5084eedc6b4ec96f78
SSDEEP

6144:y4uz8FsYm7LRExDuqsjNRJQoi25HmwUgi7HpV61ct7ZWR1S4IE3o63IHHQh9WVDd:pGYQtEtuqsjNok2rtV8cfWR1oirh9WZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22f5132350661e0a6162aaa53ceb0c13_JaffaCakes118

Files

22f5132350661e0a6162aaa53ceb0c13_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e42736bac970f20a719376ef4171412

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
SetThreadPriority
CreateMutexW
WriteConsoleOutputCharacterA
GetTickCount
CompareStringW
GetFileAttributesExA
CloseHandle
CreateRemoteThread
GetThreadSelectorEntry
SetupComm
CreateMailslotA
CreateConsoleScreenBuffer
IsProcessorFeaturePresent
FlushConsoleInputBuffer
WaitForMultipleObjectsEx
GetSystemDefaultLCID
Beep
PeekConsoleInputW
EnumSystemLocalesA
SetEndOfFile
EnterCriticalSection
FindCloseChangeNotification
SwitchToFiber
DeleteAtom
EnumSystemCodePagesW
SetMailslotInfo
GetShortPathNameW
CreateProcessW
WriteTapemark
GlobalFree
GetNumberOfConsoleInputEvents
GetCurrentProcess
GetCompressedFileSizeW
RemoveDirectoryW
VirtualProtect
GetVersionExA
GetModuleHandleA
GlobalFlags
SetConsoleOutputCP
IsDebuggerPresent
AddAtomA
_llseek
MultiByteToWideChar
ReadConsoleOutputAttribute
GetSystemTimeAdjustment
OpenEventW
GetProfileIntW
CreateMutexA
MulDiv
QueryPerformanceFrequency
GetStartupInfoA
GetModuleHandleW
LeaveCriticalSection
FindAtomA
LoadLibraryW
GetExitCodeProcess
LCMapStringW
CreateWaitableTimerW
GlobalAddAtomA
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetCommandLineW
GlobalMemoryStatus
CreateMailslotW
GetDiskFreeSpaceExA
ScrollConsoleScreenBufferW
SetStdHandle
IsBadReadPtr
IsBadStringPtrA
QueryDosDeviceA
GetFileAttributesExW
GetCommConfig
WriteProfileStringW
GetWindowsDirectoryW
lstrlenA

user32

DeferWindowPos
GetKeyNameTextA
IsCharUpperW
GetKeyState
GetCaretBlinkTime
SendMessageA
RegisterWindowMessageW
SetPropW
ChangeDisplaySettingsA
DefWindowProcA
LoadBitmapA

gdi32

CreatePolygonRgn

comdlg32

ChooseFontW
ReplaceTextW
ReplaceTextA

advapi32

IsValidSecurityDescriptor
LockServiceDatabase
PrivilegeCheck
SetFileSecurityA
SetFileSecurityW
GetNamedSecurityInfoW
CloseEventLog
StartServiceA
DeleteAce
CryptGenKey
NotifyChangeEventLog
RegSetValueExA
RegOpenKeyA
ChangeServiceConfigA
MakeAbsoluteSD
AllocateAndInitializeSid
NotifyBootConfigStatus
RegQueryValueExW
BuildTrusteeWithSidW
GetSecurityDescriptorDacl
CreateProcessAsUserA
BuildSecurityDescriptorW
RegQueryInfoKeyW
ObjectCloseAuditAlarmA
GetExplicitEntriesFromAclW
RegReplaceKeyW
ImpersonateLoggedOnUser
RegisterEventSourceA
OpenServiceA
CryptSetKeyParam
RegDeleteKeyA
QueryServiceStatus

shell32

DragQueryFileW
SHGetFileInfoW
DragFinish
SHAddToRecentDocs

ole32

WriteClassStm
FreePropVariantArray
CoRegisterMessageFilter
OleCreateLink
OleNoteObjectVisible

oleaut32

GetActiveObject
SafeArrayPtrOfIndex
VariantChangeTypeEx
SafeArrayGetElement
SysAllocStringLen
SafeArrayPutElement
SafeArrayGetUBound
LoadTypeLi
SetErrorInfo
SafeArrayCreate

comctl32

ImageList_SetBkColor

shlwapi

PathFindNextComponentW
SHRegGetBoolUSValueW
PathGetCharTypeA
StrCmpNW
PathAppendA

setupapi

SetupCloseFileQueue
SetupDiClassGuidsFromNameExA
SetupDiEnumDeviceInterfaces
SetupDiBuildClassInfoList

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
_controlfp

Sections

.text
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e42736bac970f20a719376ef4171412

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

msvcrt

Sections

.text Size: 304KB - Virtual size: 303KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 44KB - Virtual size: 40KB

.text
Size: 304KB - Virtual size: 303KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 44KB - Virtual size: 40KB