257b6e617c92a8ae921470ac75a81a0a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

257b6e617c92a8ae921470ac75a81a0a_JaffaCakes118
Size

324KB
MD5

257b6e617c92a8ae921470ac75a81a0a
SHA1

7c9aac02cd0a1ee5a08144772e83ecfde51933dc
SHA256

8e5d46143c9dbc4e43d4714de4435007af578259929b77a31240bde0f06e3351
SHA512

3c658572533fa0838748c54e065d380c2e7c5e856a32990598931bf92b2ff8f955608d336b9159aee1fa3d88c66695c9d31681b405dd70cb9ee939f97cb9df28
SSDEEP

6144:jWsd75+5YgQfG9JJuI4Yv/6SGr1BquKOlIckXqhVNG3jl:jWsp8FQe9vuI4mGr191eqNCl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
257b6e617c92a8ae921470ac75a81a0a_JaffaCakes118

Files

257b6e617c92a8ae921470ac75a81a0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77445face7c73b17ca05d0328b4ec242

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
IsBadReadPtr
GetOEMCP
GlobalFree
CopyFileExW
_lread
SetEnvironmentVariableW
CreateDirectoryW
EnumResourceNamesA
GetBinaryTypeW
WritePrivateProfileSectionW
ClearCommBreak
LocalReAlloc
ExpandEnvironmentStringsW
lstrcpynA
GetCommModemStatus
LoadResource
FindNextChangeNotification
InitializeCriticalSection
GetStringTypeExW
SetEnvironmentVariableA
SetThreadAffinityMask
IsBadWritePtr
CloseHandle
GetTempPathW
ExitProcess
SetNamedPipeHandleState
MultiByteToWideChar
GetCommandLineA
GetVersionExA
lstrlenA
VirtualProtect

user32

DrawIconEx
GetKeyNameTextW
CopyIcon
GetClipboardOwner
DeferWindowPos
ShowWindowAsync
SetMenuItemInfoA
EnumDisplayDevicesA
LoadKeyboardLayoutW
RemoveMenu
PeekMessageA
GetTopWindow
CallWindowProcW
GetAncestor
GetForegroundWindow
TranslateMessage
SwapMouseButton
CreatePopupMenu
wvsprintfW
RegisterClipboardFormatW
GetWindowRect
CharLowerBuffW
SetDlgItemInt
ReleaseCapture
GetSubMenu
DrawTextExA
GetKeyboardLayoutNameA
DialogBoxParamW
GetWindowTextA
MessageBoxExA
EndMenu
CharLowerA

gdi32

SetLayout
CreateDCW
GetNearestPaletteIndex
CreateFontA
GetOutlineTextMetricsA
SetArcDirection
ExtCreatePen
DPtoLP
GetCharWidth32W
GetTextExtentExPointA
PolyBezier
CreateEnhMetaFileA
CopyMetaFileW

comdlg32

ReplaceTextW

advapi32

LockServiceDatabase
DeleteService
GetSecurityDescriptorGroup
CryptDestroyKey
RegisterEventSourceW
GetSecurityDescriptorLength
DuplicateTokenEx
GetFileSecurityW
GetNamedSecurityInfoW
SetSecurityInfo
ReportEventA
NotifyChangeEventLog
RegCreateKeyExA
RegDeleteValueA

shell32

SHGetSpecialFolderPathW
SHLoadInProc
FindExecutableA
DragQueryPoint
SHGetDesktopFolder

ole32

StgCreateStorageEx
CreateBindCtx
CoGetObject
CoRegisterMallocSpy
CoCreateInstance
OleInitialize

oleaut32

SetErrorInfo
SysAllocStringLen
SafeArrayCreate
VariantCopy
SafeArrayUnaccessData
SafeArrayGetLBound
SysStringLen
LoadTypeLibEx
LoadTypeLi

comctl32

ImageList_GetDragImage
ImageList_Remove
CreatePropertySheetPageA
CreateToolbarEx

shlwapi

PathRenameExtensionW
PathRelativePathToW
StrTrimA
StrCmpLogicalW
wnsprintfW
PathCanonicalizeW
PathRemoveBackslashA
PathIsRelativeA
PathIsFileSpecW
SHSetValueW
StrFormatByteSizeW
StrCatBuffA
PathAddBackslashW
PathCombineA
PathUndecorateW
StrCmpW
AssocCreate
PathCombineW

setupapi

SetupDiGetDriverInfoDetailW

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

77445face7c73b17ca05d0328b4ec242

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 300KB - Virtual size: 299KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 14KB

.text
Size: 300KB - Virtual size: 299KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 14KB