2660ac62ae4285dd4f5729980d841e24_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2660ac62ae4285dd4f5729980d841e24_JaffaCakes118
Size

237KB
MD5

2660ac62ae4285dd4f5729980d841e24
SHA1

77c4eec7eed29f1455b9c3d1ceccb2670d0756c5
SHA256

7cd2cff023420e70266aacb7c148138fc03abed422f5933f49c87440456cc47f
SHA512

bec16bcdfdf3c03d5a6e026b1f54199556ac181a554a2c55a6212e8a01247e99c790151741a717c3fd37248637424311ccd49dbbed46495c3a096822bbeb7f53
SSDEEP

6144:DIy0QmMyzU9xqXJQgiAaNDs1xUNlwOg5b:nNm69xpgiA4DOebwz5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2660ac62ae4285dd4f5729980d841e24_JaffaCakes118

Files

2660ac62ae4285dd4f5729980d841e24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79dc4be8477717e9f518d3b2406df2aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalFindAtomA
GetEnvironmentVariableW
GetComputerNameA
GetCurrentDirectoryA
AddAtomW
GetProcessHeaps
lstrcat
CreateEventA
LocalAlloc
GetModuleFileNameW
QueryPerformanceCounter
QueryPerformanceFrequency
MoveFileW
GetMailslotInfo
SetEvent
GetExitCodeThread
GetTempPathW
WaitForSingleObject
FatalAppExitA
SetLocaleInfoA
SetCurrentDirectoryA
GetVersionExA
GetCurrentProcessId
FileTimeToDosDateTime
OpenMutexW
lstrcmpW
SetComputerNameW
LoadLibraryW
ReplaceFileW
FreeLibrary
IsValidLocale
IsValidCodePage
OpenSemaphoreW
ConnectNamedPipe
CompareFileTime
GetCalendarInfoA
OpenFile
GetTickCount
lstrcmpiA
GetLongPathNameA
EnumTimeFormatsA
CreatePipe
GetHandleInformation
WaitForMultipleObjects
LoadLibraryA
CreateMailslotA
GetExpandedNameA
LocalFree
GetShortPathNameA
WinExec
GetThreadPriority
SleepEx
Sleep
DeleteAtom

user32

SetTimer
LoadBitmapW
GetDCEx
RegisterClassExA
CreateMenu
CharUpperW
EmptyClipboard
SetParent
mouse_event
keybd_event
SetCapture
PostMessageA
RegisterClassA
OffsetRect
SendMessageW
CreateAcceleratorTableA
GetAsyncKeyState
GetWindowRgn
CharLowerA
wsprintfA
CharNextA
MoveWindow
wsprintfW
LoadIconW
GetMenuItemID
GetCapture
GetScrollPos
CharNextW
SetMenu
CreateDialogIndirectParamW
FindWindowW
GetKeyboardLayout
CopyRect
InsertMenuItemA
MessageBoxW
IsMenu
ShowCursor
SetForegroundWindow
wvsprintfW
GetClassInfoExA
SendDlgItemMessageW
SetDlgItemTextA
GetKeyState
GetTopWindow

gdi32

CreateBrushIndirect
CreateFontIndirectA
CreateScalableFontResourceA
CreateBitmapIndirect
GetTextExtentPointA
CreateEllipticRgn
GetMetaFileW
CreatePatternBrush
CreateICW
CreateFontA
CreatePalette
RemoveFontResourceExA
CreatePolyPolygonRgn
AddFontResourceA
DeleteObject
GetStockObject
TranslateCharsetInfo
CreateFontIndirectExW
SelectBrushLocal

shell32

StrCmpNW
ExtractIconEx
SHCreateDirectoryExW
SHCreateDirectoryExA
StrRStrW
Shell_NotifyIconW
ExtractAssociatedIconExW
ExtractIconW
StrStrA
SHBrowseForFolderA

shlwapi

PathRemoveExtensionW
IntlStrEqWorkerW
wvnsprintfW
UrlIsOpaqueW
PathCommonPrefixA
DllGetVersion
SHRegGetPathA
StrNCatW
PathIsDirectoryEmptyW
StrCmpNW
SHSetValueA
SHRegCreateUSKeyW
UrlGetLocationW
SHRegSetPathA
StrSpnW
StrRetToStrA
PathCombineW

oleaut32

VarI1FromR8
VarDateFromUdate
VarDecDiv
VarDecFromBool
VarDecInt
VarUI2FromR8
RegisterTypeLib
VarR8FromI1
VarI8FromR4
VarI1FromUI1

winmm

mmioInstallIOProcA
midiInGetID

Sections

.LjmjnO
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uht
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qWng
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.HaJNhz
Size: 1KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nq
Size: 5KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Smr
Size: 4KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.b
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.v
Size: 10KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aCqdLZ
Size: 2KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79dc4be8477717e9f518d3b2406df2aa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

oleaut32

winmm

Sections

.LjmjnO Size: 3KB - Virtual size: 3KB

.uht Size: 84KB - Virtual size: 83KB

.qWng Size: 13KB - Virtual size: 13KB

.HaJNhz Size: 1KB - Virtual size: 483KB

.nq Size: 5KB - Virtual size: 225KB

.Smr Size: 4KB - Virtual size: 49KB

.b Size: 85KB - Virtual size: 85KB

.v Size: 10KB - Virtual size: 121KB

.aCqdLZ Size: 2KB - Virtual size: 177KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 1024B - Virtual size: 1024B

.LjmjnO
Size: 3KB - Virtual size: 3KB

.uht
Size: 84KB - Virtual size: 83KB

.qWng
Size: 13KB - Virtual size: 13KB

.HaJNhz
Size: 1KB - Virtual size: 483KB

.nq
Size: 5KB - Virtual size: 225KB

.Smr
Size: 4KB - Virtual size: 49KB

.b
Size: 85KB - Virtual size: 85KB

.v
Size: 10KB - Virtual size: 121KB

.aCqdLZ
Size: 2KB - Virtual size: 177KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1024B - Virtual size: 1024B