2356a8b1b2eb7161804db4d8783096a9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2356a8b1b2eb7161804db4d8783096a9_JaffaCakes118
Size

286KB
MD5

2356a8b1b2eb7161804db4d8783096a9
SHA1

07110ced88ea2c108d3964ac31ac783def0bfcd4
SHA256

2de532fc0056654b4a66f467071b1877fcc548ac6bca634fecc8f3814a4650a7
SHA512

9e968395a5aca5c5d217ee9ed2d2358ff1a440909ca2d7f89c6de667ac8e67a187c14b90d34d5232ba2ec1e9df13c30a15b45a1f8a4b7942f8d10552fe9053f2
SSDEEP

6144:yfF+K4lnbkPC2E5mO9b+yO/dQpLo9WMB:CF+K4Zqqf9b5VLov

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2356a8b1b2eb7161804db4d8783096a9_JaffaCakes118

Files

2356a8b1b2eb7161804db4d8783096a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7866a69ddcab49eab2072ddaab7d8f13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetVersionExA
GetCommandLineA
SetThreadPriorityBoost
CreateDirectoryExW
Sleep
CreateProcessW
VirtualFreeEx
SetProcessWorkingSetSize
lstrcpynA
DeleteFileA
EnumCalendarInfoA
GetCompressedFileSizeW
EnterCriticalSection
HeapUnlock
GetCPInfo
LCMapStringA
GetExitCodeThread
GetEnvironmentVariableW
OutputDebugStringW
Module32Next
SetThreadAffinityMask
GetFileAttributesA
CreateWaitableTimerA
SetCalendarInfoA
GetVersionExW
GetStartupInfoA
VerLanguageNameW
HeapLock
ReadConsoleOutputW
GetStringTypeW
VirtualProtectEx
GetConsoleTitleA
GetModuleFileNameA
FlushFileBuffers
CreateIoCompletionPort
GetConsoleTitleW
GetProfileSectionW
SetThreadLocale
SetConsoleOutputCP
VirtualAlloc
GetSystemDefaultLCID
SignalObjectAndWait
ConnectNamedPipe
GetMailslotInfo
InitializeCriticalSection

user32

SetDoubleClickTime
InSendMessage
MapVirtualKeyW
SendNotifyMessageA
MessageBoxA
CreatePopupMenu
GetMenuStringW
GetCursor
SetWindowsHookExA
IsCharAlphaNumericA
GetWindowLongA
SetDlgItemTextA
AnyPopup
SendMessageW
GetActiveWindow
SetProcessWindowStation
RegisterHotKey
GetUpdateRgn
CreateDialogParamA
SetWindowWord
AppendMenuW
FlashWindow
DlgDirSelectComboBoxExA
CheckMenuRadioItem
ChildWindowFromPointEx
LoadImageA
InvalidateRect
DefWindowProcA
GetWindowTextA
EnumDesktopsW
CharNextExA

gdi32

GetTextCharsetInfo
EnumFontFamiliesExA
CreateRectRgnIndirect
CreateEllipticRgn
GetWorldTransform
UpdateICMRegKeyW
AbortDoc
PolyTextOutA
CreateFontW
CreateDiscardableBitmap
GetTextAlign
StartDocA
SetBrushOrgEx
GetBrushOrgEx
DeleteObject
GetViewportOrgEx
CreateICA
SelectPalette
RemoveFontResourceA
GetGraphicsMode
Rectangle
DrawEscape
DPtoLP
GetArcDirection

comdlg32

CommDlgExtendedError

advapi32

AreAllAccessesGranted
GetAce
CryptSetProviderW
BuildTrusteeWithSidA
ObjectCloseAuditAlarmW
GetExplicitEntriesFromAclA
InitializeSid
GetMultipleTrusteeOperationW
GetSecurityDescriptorSacl
PrivilegeCheck
GetSidLengthRequired
AccessCheckAndAuditAlarmW
RegRestoreKeyW
CryptHashSessionKey
CryptVerifySignatureW
RegQueryValueExA
RegCreateKeyExW
RegSetKeySecurity
LookupAccountNameW
RegQueryMultipleValuesA
CryptDuplicateHash
CryptContextAddRef

shell32

SHInvokePrinterCommandA
DragQueryPoint
ShellExecuteW
ExtractIconExA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7866a69ddcab49eab2072ddaab7d8f13

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 267KB - Virtual size: 267KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 13KB - Virtual size: 12KB

.text
Size: 267KB - Virtual size: 267KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 13KB - Virtual size: 12KB