2412f0d6bd88d3cc376c89c0ab582e4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2412f0d6bd88d3cc376c89c0ab582e4e_JaffaCakes118
Size

64KB
MD5

2412f0d6bd88d3cc376c89c0ab582e4e
SHA1

11570b89884d38dba3df9ff22524bfe95d8aa82e
SHA256

3dacab83698a55ce1249375ade9e63361fa68dedf860068f6f56e044886b94ea
SHA512

2e0a5970e2862435c3e682f3bc27bcdf95fe43c3d7f2bae3ba6d22ae8485db3de47befc455e98e6d4e4d4be91bddf86207988ca82614ddf3ad5ea7ce6988ce0b
SSDEEP

1536:kuTL8CVrQGH/4mcWW8SdHZ2s/0LMDE76:3vn48W8SvXDE76

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2412f0d6bd88d3cc376c89c0ab582e4e_JaffaCakes118

Files

2412f0d6bd88d3cc376c89c0ab582e4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47cb9340818275d6b150e3048f6b1544

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
ExpandEnvironmentStringsA
GetProcessTimes
DeleteFileW
LocalFree
GetCurrentProcess
LocalReAlloc
GetLocaleInfoW
LocalAlloc
GetUserDefaultLCID
GetTickCount
AreFileApisANSI
GetDateFormatA
FreeLibrary
GetSystemTime
Sleep
GetLastError
LeaveCriticalSection
SystemTimeToFileTime
EnterCriticalSection
CloseHandle
CompareFileTime
ReleaseMutex
IsBadReadPtr
WaitForSingleObject
lstrlenA
LoadResource
WideCharToMultiByte
ExpandEnvironmentStringsW
GetTimeFormatA
GetDateFormatW
FindResourceW
FindResourceA
SetFileAttributesW
SearchPathW
SetFileAttributesA
SearchPathA
CreateMutexW
CreateMutexA
CreateProcessW
CreateProcessA
LoadLibraryW
LoadLibraryA
lstrcpynA
DeleteFileA
MultiByteToWideChar
GetCurrentThreadId
LockResource
SetLastError
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
GetVersionExA
GetSystemDefaultLangID
GetTimeFormatW
lstrcmpA
GetProcAddress
GetModuleFileNameA
HeapFree

ole32

CoFreeUnusedLibraries
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateGuid
CoTaskMemFree
CoCreateInstance
CLSIDFromString
StringFromGUID2

user32

MessageBeep
GetParent
IsWindowEnabled
GetDlgItemInt
SetForegroundWindow
CheckDlgButton
PostMessageA
SetFocus
IsDlgButtonChecked
GetFocus
EndDialog
CheckRadioButton
FindWindowA
SetWindowLongA
SetWindowTextW
WinHelpW
EnableWindow
DestroyIcon
InvalidateRect
BeginPaint
EndPaint
GetWindowLongA
SendMessageW
MessageBoxW
MessageBoxA
FindWindowW
SetWindowTextA
GetWindowTextW
WinHelpA
LoadImageW
LoadImageA
MapWindowPoints
OffsetRect
GetClientRect
MoveWindow
InflateRect
SetRect
GetDC
ReleaseDC
LoadStringA
CharPrevA
SendMessageA
GetDlgItem
GetSystemMetrics
ShowWindow
UpdateWindow
SystemParametersInfoA
LoadStringW
DialogBoxParamA
DialogBoxParamW
DefWindowProcA
DefWindowProcW
LoadIconA
GetWindowTextA
GetSysColor

advapi32

RegSetValueExW
RegSetKeySecurity
QueryServiceStatus
StartServiceW
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegQueryValueExA
AddAccessAllowedAce
OpenSCManagerW
GetLengthSid
InitializeAcl
RegCloseKey
FreeSid
RegOpenKeyExA
CloseServiceHandle
GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountSidW
IsValidSid
GetTokenInformation
GetSidIdentifierAuthority
RegSetValueExA
SetSecurityDescriptorDacl
RegEnumKeyA
RegEnumKeyW
RegDeleteKeyW
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyExW
RegDeleteKeyA
RegQueryValueExW
RegCreateKeyExW
GetUserNameW
GetUserNameA
RegDeleteValueA
RegCreateKeyExA
RegDeleteValueW
OpenProcessToken
OpenServiceW

msvcrt

memset
wcscat
wcslen
wcscmp
_itow
wcsncmp
wcscpy
_ltow

comctl32

PropertySheetW
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
CreatePropertySheetPageW

gdi32

UpdateColors
RealizePalette
SetDIBitsToDevice
DeleteObject
GetDeviceCaps
CreatePalette
SelectPalette

rpcrt4

NdrOleFree
RpcStringFreeW
RpcBindingFree
RpcBindingSetAuthInfoExW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
NdrClientCall2
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_QueryInterface
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
NdrOleAllocate
CStdStubBuffer_CountRefs

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47cb9340818275d6b150e3048f6b1544

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

msvcrt

comctl32

gdi32

rpcrt4

Sections

.text Size: 32KB - Virtual size: 29KB

.data Size: 24KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 952B

.text
Size: 32KB - Virtual size: 29KB

.data
Size: 24KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 952B