24d5fa21cd1d85fceff8361ae74ef27d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24d5fa21cd1d85fceff8361ae74ef27d_JaffaCakes118
Size

320KB
MD5

24d5fa21cd1d85fceff8361ae74ef27d
SHA1

7a342f098f281de0f7e1ba0c8605c55b11df5d08
SHA256

bedb3a64c6250ad3a53b670ed5dbf3b3c3856551bfa8652b1105bfe9105381ec
SHA512

5762c12fda102aed7170e9483f27bfae7284b8459e03097f740c75428dfc35ea23dfb78f37d4c6120f17cff976102f717d89df1874998f1a4211b98254e3af8d
SSDEEP

6144:Zp6YxknhdomcmtEpzPlzpMy3SKXAguNcaV3g2tJf93Ny1VfI:rxkhdoPmolzpMyiXDT3dV3Ny1VfI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24d5fa21cd1d85fceff8361ae74ef27d_JaffaCakes118

Files

24d5fa21cd1d85fceff8361ae74ef27d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d49ba3044b7fe59ee8e47fcb8204673

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
FormatMessageW
lstrcmpiW
RaiseException
WriteConsoleW
SetThreadExecutionState
GetModuleFileNameA
GetVolumeInformationA
FindFirstChangeNotificationW
CancelIo
SuspendThread
FindResourceExA
DeleteFileW
GetCurrentDirectoryW
GetModuleHandleA
GetFullPathNameA
EnumResourceLanguagesW
GetFileSize
CopyFileW
FindClose
CreateFileA
SetStdHandle
GetAtomNameA
WriteFileGather
GetTickCount
SetThreadAffinityMask
GetStartupInfoA
SetThreadIdealProcessor
ExitThread
DisconnectNamedPipe
SetWaitableTimer
GlobalAddAtomW
IsBadWritePtr
GetStringTypeW
LocalLock
FindNextFileA
CreateMutexW
CopyFileA
WriteConsoleOutputW
VirtualProtect
SetEndOfFile
GetProcessTimes
GetConsoleCP
InterlockedExchangeAdd
lstrlenA
GetEnvironmentStringsW
GetUserDefaultLangID
GetProfileStringW
GlobalCompact
GetSystemTimeAdjustment
SetSystemTime
HeapAlloc
FindResourceExW
GetSystemTime
WriteConsoleInputW
GetDateFormatW
CreateNamedPipeW
lstrcatW
VirtualUnlock
TransactNamedPipe
GetVersionExA
GetCommandLineA
GlobalFindAtomW
ExitProcess

user32

BroadcastSystemMessageW
BeginDeferWindowPos
DestroyIcon
GetUpdateRect
SetCaretBlinkTime
DrawStateW
ModifyMenuA
IsCharAlphaNumericA
EnumDesktopWindows
GetMenuDefaultItem
GetWindowPlacement
SetRect
DrawMenuBar
SendMessageTimeoutW
SetCaretPos
GetPropW
CreateWindowExA
CheckMenuRadioItem
EnumDisplaySettingsExA
PtInRect
EnumDisplaySettingsW
UnloadKeyboardLayout
DrawTextExW
EnumDisplaySettingsExW
SetScrollInfo
RegisterDeviceNotificationW
SetWindowTextA
ClipCursor
GetProcessDefaultLayout
SetClipboardViewer
DialogBoxParamW
DestroyCaret
SwitchDesktop

gdi32

CombineRgn
GetClipRgn
EnumObjects
GetMapMode
GdiFlush
GetTextCharsetInfo
CreatePolyPolygonRgn
Ellipse
RealizePalette
CopyMetaFileA

comdlg32

ReplaceTextW

advapi32

GetSidSubAuthorityCount
MapGenericMask
InitializeSid
OpenSCManagerW
DuplicateTokenEx
ObjectCloseAuditAlarmW
GetServiceDisplayNameA
RegQueryInfoKeyA
QueryServiceObjectSecurity

shell32

DuplicateIcon
SHGetFileInfoW
SHBrowseForFolderA
DoEnvironmentSubstW

ole32

CoCreateFreeThreadedMarshaler
CoFreeUnusedLibraries
StringFromCLSID

oleaut32

SafeArrayCreate
SetErrorInfo
SysAllocString
SafeArrayAccessData
SysAllocStringLen
SysStringLen
SafeArrayPtrOfIndex

comctl32

CreateStatusWindowW
ImageList_DrawIndirect

shlwapi

PathFindExtensionW
PathAddExtensionW
SHSetValueA
PathIsFileSpecW
StrCmpNA
SHSetThreadRef
StrChrW
PathStripPathA
PathCompactPathExW

setupapi

SetupGetLineCountW
SetupDiGetDeviceInfoListDetailA
SetupOpenLog
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsExA
SetupDiGetDeviceInstallParamsW
SetupDiEnumDeviceInterfaces
SetupDiSetSelectedDriverA
SetupDiClassGuidsFromNameW
SetupDiGetClassDevsExW

Sections

.text
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d49ba3044b7fe59ee8e47fcb8204673

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 292KB - Virtual size: 290KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 14KB

.text
Size: 292KB - Virtual size: 290KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 14KB