23ef738dba8a916c59c889d8d06da0eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

23ef738dba8a916c59c889d8d06da0eb_JaffaCakes118
Size

312KB
MD5

23ef738dba8a916c59c889d8d06da0eb
SHA1

2c88fa8daa5fa394d12a22e7114da38c5d13acbc
SHA256

9cc8605cece5215a13aeaf103fc9e5b606348a63360e1c85eea1208e5f6286a2
SHA512

1de2700ebe1744ae8266716e796b4179d93875bbf73042b46e57f0a1332ba436e599bd58d2f8521d8093039bf172a714711be7e3bfaec80b5e450863f433614a
SSDEEP

6144:qqG0t26hZ0kGjkR3bAzqlPnkReqv02CqXTpB+g6ca4B3Ifll6mFPQ:txZZBR30zaPKeqM2BTr+iB32Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23ef738dba8a916c59c889d8d06da0eb_JaffaCakes118

Files

23ef738dba8a916c59c889d8d06da0eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ecdebcf36ca758e5c846fcca57d274b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
PeekConsoleInputW
WritePrivateProfileStructA
InitializeCriticalSection
SetThreadPriorityBoost
GetCommandLineW
GetSystemDefaultLangID
GetPrivateProfileStringA
LocalLock
GlobalFlags
LoadResource
lstrcmpiA
GlobalFindAtomA
WriteFile
WriteConsoleOutputW
MoveFileW
SetFileAttributesA
SuspendThread
GetOverlappedResult
GetCPInfo
SystemTimeToFileTime
GetVolumeInformationW
GetUserDefaultLCID
EnumResourceNamesW
IsBadStringPtrA
GetProcessTimes
GetAtomNameA
SetEnvironmentVariableW
SetCommMask
OpenSemaphoreW
GetSystemDirectoryW
SetLastError
GetVersion
ExitThread
PurgeComm
GetUserDefaultLangID
GetCommModemStatus
ConnectNamedPipe
GetTempPathW
LeaveCriticalSection
ReadConsoleInputW
IsProcessorFeaturePresent
GetFileAttributesExA
FindFirstFileW
TryEnterCriticalSection
IsBadWritePtr
GetProfileStringA
SetStdHandle
SetProcessShutdownParameters
ReadDirectoryChangesW
SetFileTime
CreateProcessA
CreateNamedPipeW
GlobalAddAtomW
GetPrivateProfileSectionW
FindResourceExA
GetDateFormatA
_hread
GetOEMCP
LocalReAlloc
SearchPathW
IsValidLocale
FindCloseChangeNotification
ExpandEnvironmentStringsW
GetConsoleCursorInfo
SetCurrentDirectoryA
VirtualProtect
CreatePipe
_lopen
CancelIo
WritePrivateProfileStringA
EnumDateFormatsW
GetEnvironmentVariableW
LCMapStringA
QueryDosDeviceW
CreateDirectoryW
CompareStringW
PrepareTape
GetCompressedFileSizeW
AreFileApisANSI
SetThreadAffinityMask
FillConsoleOutputCharacterA
GetACP
EnumSystemCodePagesA
RaiseException
GetVersionExA
GetCommandLineA
lstrlenA
FlushConsoleInputBuffer
ExitProcess

user32

EndDeferWindowPos
BeginPaint
MsgWaitForMultipleObjects
DialogBoxIndirectParamW
PostMessageA
SendMessageW
SetWindowLongA
GetSystemMetrics
SetProcessWindowStation
SetForegroundWindow
SetClassLongW
ModifyMenuA
CreateDialogIndirectParamA
BroadcastSystemMessageW
FlashWindowEx
ValidateRgn
ExcludeUpdateRgn
CopyRect
IsWindowVisible

gdi32

CreateSolidBrush
SetEnhMetaFileBits
SetStretchBltMode
CreateICW
PlayMetaFileRecord

comdlg32

PrintDlgA

advapi32

QueryServiceConfigW
CloseServiceHandle
RegRestoreKeyA
BuildTrusteeWithSidW
OpenServiceW
CryptCreateHash
AccessCheck
RegSetValueExW
GetPrivateObjectSecurity
UnlockServiceDatabase
CreateServiceW
SetSecurityDescriptorOwner
AccessCheckAndAuditAlarmW
CryptGetUserKey
GetServiceDisplayNameW
InitiateSystemShutdownW
IsValidSecurityDescriptor
DuplicateToken
CryptAcquireContextA
RegEnumKeyExW
RegSetValueA
SetServiceStatus
CreatePrivateObjectSecurity

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHLoadInProc

ole32

CoFileTimeNow
RevokeDragDrop
OleSetContainedObject
CoTaskMemRealloc
CoMarshalInterThreadInterfaceInStream

oleaut32

SafeArrayUnaccessData
SafeArrayGetLBound
SetErrorInfo
SafeArrayCreate

comctl32

ImageList_GetImageCount
ImageList_AddMasked

shlwapi

PathIsDirectoryW
UrlCreateFromPathW
PathRelativePathToA
StrCmpNW

setupapi

SetupGetLineCountA
SetupDiOpenDeviceInterfaceW
SetupDiOpenDevRegKey
SetupDiClassNameFromGuidExA
SetupDiGetDeviceRegistryPropertyW
SetupFindNextLine
SetupDiBuildDriverInfoList

Sections

.text
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ecdebcf36ca758e5c846fcca57d274b3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 280KB - Virtual size: 277KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 280KB - Virtual size: 277KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 16KB