24e08d1ae0eca6daf1ad348288d03b60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24e08d1ae0eca6daf1ad348288d03b60_JaffaCakes118
Size

316KB
MD5

24e08d1ae0eca6daf1ad348288d03b60
SHA1

1ae4878dbbaf5f86d9722234a952a5d06e8795c4
SHA256

51321b0cb874881cd0f8106caa74f111025363042140db3ec4c2786f080d81a0
SHA512

b1914851401459c9187ebd80775c96701bd892b7a84bac77e5f45b2127f4db4499d7e27f04afbba7f5566086618380fc689a95632bcc52644fa6ec2d0ddf8dc3
SSDEEP

6144:2Ij4shQsMJXKP1ryqT9iHanEHJX7Wj/r8NNWMVl:6sh5m6PPiHP7k/rK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24e08d1ae0eca6daf1ad348288d03b60_JaffaCakes118

Files

24e08d1ae0eca6daf1ad348288d03b60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e253d6a8819e3bb01b96d06e9bab5253

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadContext
VirtualQuery
VirtualQueryEx
DuplicateHandle
GetConsoleCursorInfo
ReadFile
SearchPathW
SetConsoleOutputCP
CreateNamedPipeW
SetCurrentDirectoryA
GetProcessTimes
EndUpdateResourceA
CancelIo
LCMapStringA
RaiseException
EnumResourceNamesW
GetBinaryTypeW
LocalSize
CreateMutexW
EnumResourceLanguagesW
SizeofResource
PurgeComm
VirtualAllocEx
GlobalUnlock
FlushFileBuffers
GetComputerNameW
ClearCommBreak
PeekNamedPipe
CloseHandle
GlobalFindAtomA
GetTempFileNameA
GetTapeStatus
SetEnvironmentVariableW
SwitchToFiber
FreeLibraryAndExitThread
InitializeCriticalSection
FileTimeToLocalFileTime
EnumCalendarInfoW
WritePrivateProfileStringW
GetCPInfo
GetOverlappedResult
SetVolumeLabelA
LocalAlloc
CopyFileExW
VirtualProtect
GetVersionExA
GetShortPathNameA
EraseTape
CreateEventA
LocalLock
GetCurrentDirectoryW
AllocConsole
FreeEnvironmentStringsA
GetTimeZoneInformation
FindNextChangeNotification
GlobalReAlloc
LoadResource
IsBadWritePtr
MoveFileW
GetDiskFreeSpaceW
CreateIoCompletionPort
CreateFileW
FormatMessageA
WritePrivateProfileStringA
DeleteFiber
FormatMessageW
RemoveDirectoryW
GetUserDefaultLangID
_lopen
CreateDirectoryW
GlobalAddAtomA
GetDateFormatA
OpenFile
QueryDosDeviceW
GetDriveTypeW
FindResourceExW
GetFileType
GetTempPathW
GetEnvironmentVariableW
GetCommandLineA
DosDateTimeToFileTime
GetBinaryTypeA
GetVersion
VirtualLock
lstrcmpiW
GlobalFlags
MultiByteToWideChar
ExitProcess

user32

GetWindowThreadProcessId
SwitchDesktop
IsChild
GetClassInfoA
EnumWindows
ScreenToClient
GetWindowRgn
MsgWaitForMultipleObjects
IsCharLowerW
SetTimer
SetWindowsHookExA
SetWindowTextA
GetFocus
SetWindowWord
ValidateRect
GetKeyboardLayoutNameA
GetClipboardOwner
GetClassNameW
CheckRadioButton
SetMenuInfo
LoadIconA
LoadStringA
InvalidateRect
EnableScrollBar
MapDialogRect
CopyAcceleratorTableW
RegisterWindowMessageA
SendNotifyMessageA
IsWindowVisible
CheckMenuItem
RegisterClipboardFormatW
HiliteMenuItem
GetUserObjectInformationW

gdi32

BeginPath
StretchBlt
DeleteDC
SetColorAdjustment
PolyBezier

comdlg32

GetSaveFileNameA
ChooseColorA
FindTextW
GetFileTitleW

advapi32

RegQueryInfoKeyA
EnumDependentServicesW
GetFileSecurityA
RegOpenKeyW
GetAce
AllocateLocallyUniqueId
CryptHashData
CryptGetKeyParam
SetSecurityInfo
InitiateSystemShutdownA
DeleteService
SetServiceObjectSecurity
GetUserNameA
EnumDependentServicesA
LogonUserW
CryptImportKey
DuplicateToken
CryptCreateHash
SetTokenInformation
ImpersonateSelf
DeleteAce
RegisterEventSourceA
AddAccessDeniedAce
RegSetValueA
LookupAccountNameA
GetServiceDisplayNameA
RegQueryValueW
LookupAccountNameW
RegReplaceKeyW
StartServiceCtrlDispatcherW

shell32

FindExecutableW
SHLoadInProc

ole32

OleQueryLinkFromData
OleSave
OleLockRunning
OleSetContainedObject
GetRunningObjectTable
OleSetClipboard

oleaut32

SafeArrayGetLBound
SetErrorInfo
SafeArrayUnaccessData
LoadTypeLi
VariantChangeType

comctl32

ImageList_SetImageCount
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_SetDragCursorImage

shlwapi

PathRemoveExtensionW
PathIsDirectoryEmptyW
StrCpyNW

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiGetDriverInfoDetailW
SetupDiGetClassDescriptionW

Sections

.text
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e253d6a8819e3bb01b96d06e9bab5253

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 296KB - Virtual size: 295KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 4KB

.text
Size: 296KB - Virtual size: 295KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 4KB