24401799e9b13a347200b39ac0aeacc9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24401799e9b13a347200b39ac0aeacc9_JaffaCakes118
Size

344KB
MD5

24401799e9b13a347200b39ac0aeacc9
SHA1

23168ebe7d9df77b54e9f16dd83514d05eb407e3
SHA256

03de30b2d3c50e89dc3429962164ca56002d3298d64943d7c2af46c89d2c33e1
SHA512

707aac88a83f6df8f76740c4796218dae3c44ec50f81c9b26769c770caa1ce723a7670b035356bce81f41b87a79678ff5687717bb87443c8e10983c0bbfead0c
SSDEEP

6144:fIgv+xn6brf/FLNmaYZW+435oIZ8LMR1W/iHH9gqeJzBJ8hq20:frvPHCZx4jLkKHHTeJ9Kq20

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24401799e9b13a347200b39ac0aeacc9_JaffaCakes118

Files

24401799e9b13a347200b39ac0aeacc9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fb00cb9bbf17b728378eb2a3a635b5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoW
LockFile
IsBadReadPtr
SetConsoleCursorPosition
lstrcatA
GetModuleHandleW
SetEnvironmentVariableA
GetCurrentDirectoryW
GlobalMemoryStatus
WaitForSingleObject
GetStringTypeExW
SleepEx
WritePrivateProfileSectionW
UpdateResourceA
SwitchToFiber
GetFileSize
CreateProcessW
SetErrorMode
ReadConsoleOutputA
GetFileAttributesA
GetQueuedCompletionStatus
TlsAlloc
GetTapePosition
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
LoadLibraryExW
CreateThread
RemoveDirectoryA
DeleteAtom
GetTimeZoneInformation
LoadLibraryA
LocalFree
GetEnvironmentVariableA
GetModuleFileNameW
GlobalLock
TlsFree
FindCloseChangeNotification
GetCurrentDirectoryA
HeapCreate
RaiseException
SetFilePointer
GetCPInfo
ConnectNamedPipe
OutputDebugStringA
GetWindowsDirectoryW
WritePrivateProfileStructA
GetOverlappedResult
GetCurrentThreadId
GetProfileIntA
FileTimeToDosDateTime
UnlockFile
PeekConsoleInputA
EnumResourceLanguagesA
VirtualAlloc
GetSystemDirectoryA
OpenFileMappingA
SetFileTime
CopyFileA
lstrlenA
SetTapeParameters
CreateFileMappingW
ReadConsoleW
GetNumberOfConsoleInputEvents
ReadConsoleA
OpenFileMappingW
SetMailslotInfo
DeleteFileA
SetEvent
GetProcessHeap
EnumResourceTypesA
InitializeCriticalSection
FindFirstChangeNotificationW
GetFileType
OpenFile
SetConsoleTextAttribute
VirtualProtect
GetVolumeInformationA
WaitCommEvent
GetDriveTypeW
GlobalFlags
ClearCommError
FindNextChangeNotification
GetVersionExA
VirtualQueryEx
SetSystemTime
GetThreadPriority
GetDiskFreeSpaceExW
FindNextFileA
GetHandleInformation
InterlockedExchange
GetPrivateProfileSectionNamesA
lstrcpynW
FindClose
HeapDestroy
TerminateThread
FindFirstChangeNotificationA
DefineDosDeviceW
ScrollConsoleScreenBufferW
TlsSetValue
MapViewOfFileEx
SetProcessShutdownParameters
lstrlenW
GetThreadSelectorEntry
CreateWaitableTimerA
GetStringTypeW
MultiByteToWideChar
LoadResource
IsDebuggerPresent
AreFileApisANSI
WriteConsoleA
EndUpdateResourceA
GetCommandLineA
_llseek
ExitProcess

user32

FindWindowA
DefDlgProcA
LoadIconA
ShowCursor
UnloadKeyboardLayout
UnregisterClassA

comdlg32

PrintDlgA

advapi32

MapGenericMask
SetEntriesInAclA
CryptGetKeyParam
SetPrivateObjectSecurity
RegOpenKeyExW
RegOpenKeyExA
LookupPrivilegeDisplayNameA
PrivilegeCheck
GetNamedSecurityInfoW
GetSecurityDescriptorLength
CryptExportKey
OpenThreadToken
SetServiceStatus
ObjectCloseAuditAlarmA
FreeSid
InitiateSystemShutdownW
RegisterServiceCtrlHandlerW
RegisterEventSourceA
AdjustTokenPrivileges
GetFileSecurityA
RegRestoreKeyA
DeregisterEventSource
RegEnumKeyW
DuplicateTokenEx
GetSecurityInfo
RegDeleteKeyW
ChangeServiceConfigA
CryptGetHashParam
MakeSelfRelativeSD
GetSecurityDescriptorDacl
SetTokenInformation
OpenServiceW
RegConnectRegistryW

shell32

DragAcceptFiles
SHGetSettings
SHGetPathFromIDListA
SHBrowseForFolderW

ole32

CreateItemMoniker

oleaut32

SysAllocString
SafeArrayGetLBound
SafeArrayRedim
SetErrorInfo
SafeArrayAccessData
VariantCopy
SafeArrayGetUBound

comctl32

ImageList_SetIconSize
ImageList_LoadImageW
CreatePropertySheetPageW

shlwapi

StrRetToBufW

setupapi

SetupDiOpenDevRegKey
SetupDiRemoveDevice
SetupOpenInfFileW
SetupDiSetSelectedDevice
SetupDefaultQueueCallbackA

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7fb00cb9bbf17b728378eb2a3a635b5e

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 304KB - Virtual size: 300KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 304KB - Virtual size: 300KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 28KB - Virtual size: 24KB