258b6df1159b526e5c0769dac9691ff4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

258b6df1159b526e5c0769dac9691ff4_JaffaCakes118
Size

344KB
MD5

258b6df1159b526e5c0769dac9691ff4
SHA1

f670e8a80062085d204cfcee48badf3ad5833df4
SHA256

d97abe6ff8e58e0326b4eb0b5754c1a7f84ea7e1ed29113d6e2b90ec2c576fbb
SHA512

4ef50e9c600df88d605636933d4c109f0f1f93b50b5cea7cb92b686e6238d31d501235c256c61f51b31922223fb77cc0993f149b2be91818dc52b5e7e27ea6a4
SSDEEP

6144:VGu6oU5zCJnXikbyQHFmPCXRyLtvOkgBR1wuyKjGToVfYrDe0hiQHCvnOmbK:V5O5zCRiwyQHF9XYLtvO1J9KYYvqQHwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
258b6df1159b526e5c0769dac9691ff4_JaffaCakes118

Files

258b6df1159b526e5c0769dac9691ff4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

839f9e36c6da75ef6b55405bb62fb8c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
ReadFile
GetFileInformationByHandle
lstrcpynA
GetCommandLineW
GetSystemDirectoryW
lstrcatW
GetDriveTypeW
GetVersion
PurgeComm
ConnectNamedPipe
CreateDirectoryW
GetFullPathNameA
FatalAppExitA
GetThreadContext
GetCommConfig
_lopen
TryEnterCriticalSection
FormatMessageA
GlobalReAlloc
VirtualFree
UnhandledExceptionFilter
GetEnvironmentVariableW
VirtualAllocEx
AreFileApisANSI
GetOverlappedResult
EnumDateFormatsW
QueryDosDeviceA
SetConsoleTitleA
GetUserDefaultLCID
lstrcmpiW
OpenSemaphoreW
LocalSize
DeleteFiber
FlushFileBuffers
VirtualAlloc
CreateEventA
DeleteCriticalSection
VirtualQuery
GetStringTypeExW
FreeResource
ClearCommBreak
lstrcmpiA
GetNumberFormatW
GetModuleFileNameW
OutputDebugStringA
IsDBCSLeadByteEx
GetLongPathNameA
SetConsoleCursorPosition
PeekNamedPipe
EnumSystemCodePagesA
GetOEMCP
CompareStringW
FindNextChangeNotification
IsProcessorFeaturePresent
InitializeCriticalSection
GetLogicalDriveStringsA
VirtualProtect
GetVersionExA
SwitchToFiber
GetCurrentProcess
CreateDirectoryA
LoadLibraryExA
SetCommMask
SizeofResource
GetCPInfo
GlobalUnlock
ReleaseSemaphore
ExpandEnvironmentStringsW
FindFirstFileExW
ExitThread
FlushConsoleInputBuffer
GetSystemInfo
GlobalGetAtomNameW
OpenFile
FindResourceExA
CreatePipe
LCMapStringA
FreeEnvironmentStringsA
MultiByteToWideChar
CancelIo
CreateProcessA
SetupComm
CopyFileExW
WritePrivateProfileStructA
WriteConsoleOutputCharacterA
FileTimeToLocalFileTime
CreateDirectoryExA
GetCommandLineA
SetVolumeLabelA
ExitProcess

user32

OffsetRect
CreateDialogIndirectParamA
DialogBoxIndirectParamA
VkKeyScanW
GetScrollPos
RegisterClipboardFormatW
IsDlgButtonChecked
SetTimer
MessageBoxIndirectW
GetClassNameW
InflateRect
SetWindowContextHelpId
GetWindowRgn
PeekMessageW
GetClipboardViewer
IsCharLowerW
FindWindowExW
GetPropA
ChildWindowFromPointEx
GetWindowDC
ModifyMenuW
WaitMessage
SendMessageTimeoutA
RegisterClassW
LoadCursorA
MsgWaitForMultipleObjects
GetWindowTextW
HideCaret
GetWindowTextA
LoadImageA
PostQuitMessage
SetFocus
GetMenuCheckMarkDimensions
RegisterClassExA
OpenDesktopA
AdjustWindowRectEx
SetRectEmpty
DrawCaption
GetDlgItemTextW
GetClassInfoW
CreatePopupMenu
TabbedTextOutW

gdi32

GdiComment
EnumFontFamiliesA
GetLayout
SetGraphicsMode
SetTextCharacterExtra
GetEnhMetaFilePaletteEntries
PtInRegion

comdlg32

GetFileTitleA
CommDlgExtendedError
ChooseColorW

advapi32

LookupAccountSidA
QueryServiceLockStatusW
RegisterEventSourceA
RegGetKeySecurity
RegCreateKeyW
LookupPrivilegeValueA
RegisterServiceCtrlHandlerA
ReadEventLogW
LookupPrivilegeValueW
StartServiceW
RegOpenKeyExA
BuildTrusteeWithSidW
RegSetValueExW
QueryServiceConfigA
LogonUserA
CryptVerifySignatureW
QueryServiceStatus
RegSetKeySecurity
EnumDependentServicesA
SetSecurityInfo
OpenServiceW

ole32

CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData

oleaut32

SafeArrayRedim
SetErrorInfo
LoadTypeLi
SysFreeString
SafeArrayUnaccessData
SafeArrayPutElement
LoadTypeLibEx
SafeArrayCreate

comctl32

ImageList_Create

shlwapi

PathAppendW
PathCanonicalizeA
PathStripToRootA

setupapi

SetupGetLineCountA
SetupDiSetDeviceInstallParamsA
SetupGetInfFileListA
SetupDiGetDeviceInstanceIdW
SetupDiGetClassDevsExA

Sections

.text
Size: 320KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

839f9e36c6da75ef6b55405bb62fb8c5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 320KB - Virtual size: 317KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 9KB

.text
Size: 320KB - Virtual size: 317KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 9KB