266263402faba27b9e534bb986357101_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

266263402faba27b9e534bb986357101_JaffaCakes118
Size

736KB
MD5

266263402faba27b9e534bb986357101
SHA1

fafe486d23c777dc55e38181da1934e89f0a14ec
SHA256

9c5213fbe1fec3c0d340984624797e21bf455cbee7bc851ba564419f26751539
SHA512

860098fe88fb8c1db1d30ddda838514e026bcf9c4a620d279ace556e4f8c75d51e7bd6cb44f63891d8dec387669efad47d7b61a37dc1ace0df7d78f5f28364a4
SSDEEP

12288:jHEuYa75AxWfZ55HsyVFX9BmituMesAlKAq9ZFg7qUaITlnUhbQhpClEpg9:jj3M+tHsuBzkMesZFkqgRUCGlEi9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
266263402faba27b9e534bb986357101_JaffaCakes118

Files

266263402faba27b9e534bb986357101_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a87c317bc3242612941dec9a1addb94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
ImageList_SetFlags
ImageList_Read

shell32

SHFileOperationW

kernel32

GetConsoleMode
ReadConsoleInputA
lstrlenA
GetModuleHandleA
GetLastError
GetStdHandle
SetEnvironmentVariableW
GetVersionExW
GetNumberFormatW
OpenSemaphoreW
WideCharToMultiByte
GetAtomNameW
TlsSetValue
WriteConsoleA
CompareStringA
HeapCreate
GetCommandLineW
TerminateProcess
CompareStringW
GetCurrentProcess
GetModuleHandleW
GetCPInfo
SetConsoleTitleA
RemoveDirectoryA
ReadFile
DebugBreak
GetEnvironmentStringsW
GetExitCodeProcess
FlushFileBuffers
CreateDirectoryW
IsDebuggerPresent
CreateFileMappingA
GetLocaleInfoW
WriteConsoleInputA
FindFirstFileExW
SetHandleCount
GetConsoleCP
FreeResource
CreateFileA
GetProfileIntA
CreateFileMappingW
MultiByteToWideChar
TlsFree
ExitProcess
GetCommandLineA
SetPriorityClass
HeapFree
TlsGetValue
EnumSystemLocalesA
VirtualQuery
InterlockedDecrement
FlushConsoleInputBuffer
GetProcAddress
GetTickCount
GetTimeZoneInformation
WriteFile
HeapValidate
SetEndOfFile
ResetEvent
TransmitCommChar
EnumDateFormatsW
GetDateFormatA
OpenMutexA
TlsAlloc
GetLocalTime
DuplicateHandle
GetOEMCP
Sleep
GlobalDeleteAtom
GetSystemDefaultLangID
RtlFillMemory
CreateNamedPipeA
DeleteCriticalSection
IsValidLocale
GetTimeFormatA
GetFileType
GetLocaleInfoA
CreateWaitableTimerW
GetFileAttributesW
CloseHandle
FreeLibrary
GetStartupInfoA
InterlockedExchange
QueryPerformanceCounter
HeapAlloc
HeapReAlloc
SetEnvironmentVariableA
GetACP
IsValidCodePage
GetConsoleOutputCP
SetConsoleCtrlHandler
HeapDestroy
LCMapStringW
CreateNamedPipeW
LCMapStringA
GetStartupInfoW
SetCurrentDirectoryA
DeleteFileA
CreateThread
FormatMessageA
SetLocaleInfoW
GetCurrentProcessId
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
SetFilePointer
RtlUnwind
EnumDateFormatsExA
lstrcmpiW
EnterCriticalSection
GetStringTypeA
GlobalFlags
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCurrentThread
ExpandEnvironmentStringsW
GetCurrentThreadId
lstrcatW
FoldStringW
SetUnhandledExceptionFilter
HeapSize
SetCurrentDirectoryW
InterlockedIncrement
GetPrivateProfileSectionA
GetModuleFileNameW
LeaveCriticalSection
VirtualFree
SetLastError
GetProfileSectionW
LoadLibraryA
GetFileAttributesExW
CreateMutexA
GetStringTypeW
VirtualAlloc
FreeEnvironmentStringsW
CommConfigDialogW
GetEnvironmentStringsA
SetSystemTime
SetStdHandle
WriteConsoleW
GetModuleFileNameA
GetCurrencyFormatW
GetProcAddress

advapi32

DuplicateToken
LookupAccountNameA
LookupPrivilegeNameA
CryptVerifySignatureW
CryptAcquireContextA
CryptImportKey
RegCreateKeyW

user32

MessageBoxExA
SetCursorPos
DdeCmpStringHandles
CreateCursor
ClientToScreen
GetWindowContextHelpId
GetMenuDefaultItem
DdeQueryStringW
CreateMenu
GetNextDlgTabItem
DdeInitializeW
GetCursorPos
GetMessagePos
DestroyWindow
PaintDesktop
DdePostAdvise
ExcludeUpdateRgn
CreateMDIWindowA
WinHelpA
GetComboBoxInfo
BringWindowToTop
GetMenuState
OpenInputDesktop
SetProcessWindowStation
OpenDesktopA
SendMessageA
SetParent
GetKBCodePage
GetPropW
OpenClipboard
CreateWindowExA
SetLastErrorEx
GetCursorInfo
MessageBoxA
RegisterHotKey
GetLastActivePopup
GetMessageA
AdjustWindowRect
MsgWaitForMultipleObjects
SetWindowPlacement
GetUserObjectInformationW
ToAscii
RegisterClassA
RedrawWindow
ShowWindow
TileWindows
EqualRect
DdeQueryStringA
EndMenu
RegisterClassExA
DefWindowProcA
GetSubMenu

comdlg32

ChooseColorA
ChooseFontA
GetFileTitleW

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 465KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a87c317bc3242612941dec9a1addb94

Headers

File Characteristics

Imports

comctl32

shell32

kernel32

advapi32

user32

comdlg32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 468KB - Virtual size: 465KB

.data Size: 132KB - Virtual size: 138KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 468KB - Virtual size: 465KB

.data
Size: 132KB - Virtual size: 138KB

.rsrc
Size: 32KB - Virtual size: 31KB