257ed5bd79002d0921f2d159634b13fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

257ed5bd79002d0921f2d159634b13fc_JaffaCakes118
Size

252KB
MD5

257ed5bd79002d0921f2d159634b13fc
SHA1

71064d7e7c1081f3b9844442c91bb83b7cbe58a3
SHA256

4ae70b00a8e7a3c9f59abcc65954c31a4e4e6bc03051870370adc21b71a27593
SHA512

5cc5f9f3132bed56f31caae7b5b3ab7c26e0f31869fc84efa2a33852ebf8c02835903f80b813eb65ac183ce1dd3a918634a33503d061b55ad239ed8d775bfebe
SSDEEP

6144:3U48h1Y2RvK7Abk0NdppaHF+tEMyce77mBcThJf:3z8h17vKAAqqFAEdf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
257ed5bd79002d0921f2d159634b13fc_JaffaCakes118

Files

257ed5bd79002d0921f2d159634b13fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

604e3c169e13a4468e12a81ea1ade0b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SwitchToFiber
MultiByteToWideChar
WritePrivateProfileStructA
GetCurrentDirectoryW
WriteConsoleOutputCharacterA
SetConsoleWindowInfo
VirtualLock
EnumTimeFormatsW
EnumSystemCodePagesW
RemoveDirectoryA
GetBinaryTypeA
CreateIoCompletionPort
SetConsoleActiveScreenBuffer
VirtualQueryEx
SetConsoleCursorPosition
GetHandleInformation
GetCommandLineW
GetShortPathNameW
VirtualQuery
_lread
OutputDebugStringW
GetAtomNameA
IsBadStringPtrA
GetPrivateProfileSectionW
IsBadReadPtr
GetCommState
LoadResource
SuspendThread
OutputDebugStringA
EnumResourceNamesW
FileTimeToLocalFileTime
ExitProcess
WriteFile
SetHandleCount
LocalFileTimeToFileTime
GetOEMCP
QueryDosDeviceW
OpenFile
VirtualProtect
GetCommandLineA
GetVersionExA
lstrlenA
VirtualAlloc
CompareStringA

user32

SetActiveWindow
LoadKeyboardLayoutA
TrackPopupMenu
IsZoomed
SetCursorPos
LoadImageA
GetClassNameW
SetRectEmpty
GetTabbedTextExtentA
DialogBoxIndirectParamW
SetPropW
AppendMenuA
CreateMDIWindowW
SendNotifyMessageA
CheckDlgButton
BroadcastSystemMessageA
GetClientRect
GetMessageA
GetClipboardOwner
RegisterClassA
GetThreadDesktop
SetCaretBlinkTime
GetSubMenu
SetWinEventHook
RegisterClipboardFormatW
GetCaretBlinkTime
EnumDisplaySettingsW

gdi32

PolylineTo
PlayEnhMetaFileRecord
SetDIBitsToDevice
CreateCompatibleBitmap
GetGlyphOutlineA
ModifyWorldTransform
CopyMetaFileA
CreateRoundRectRgn
CopyEnhMetaFileA
PolyBezier
WidenPath
SetROP2
RemoveFontResourceW
SelectObject
ExtTextOutW
Chord
GdiComment

advapi32

CreateServiceW
RegQueryValueW
SetPrivateObjectSecurity
QueryServiceConfigA
CryptGetProvParam
CryptGetHashParam
ChangeServiceConfigW
SetKernelObjectSecurity
RegEnumKeyW
GetNamedSecurityInfoA
ObjectCloseAuditAlarmA
DuplicateTokenEx
ObjectDeleteAuditAlarmW
RegQueryInfoKeyW
SetEntriesInAclW
SetSecurityDescriptorSacl
LookupPrivilegeValueW
DeregisterEventSource
GetSecurityDescriptorOwner
CreatePrivateObjectSecurity
OpenServiceW
RegSetValueW
AddAccessDeniedAce
RegFlushKey
FreeSid
RegCloseKey
GetFileSecurityW
CryptHashData
LogonUserW
ChangeServiceConfigA
QueryServiceLockStatusW
GetSidSubAuthority

shell32

ShellExecuteA
SHBrowseForFolderA
Shell_NotifyIconW
SHChangeNotify
Shell_NotifyIconA

ole32

CoResumeClassObjects
OleIsRunning
StgSetTimes
OleSaveToStream
OleRegGetMiscStatus
CoFreeUnusedLibraries
OleRegGetUserType
OleBuildVersion

oleaut32

VariantCopy
LoadTypeLibEx
SetErrorInfo
LoadTypeLi
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayCreate
SysStringLen

comctl32

ImageList_SetOverlayImage

shlwapi

PathIsRootW
PathIsDirectoryW
StrStrW
PathIsFileSpecW
PathStripPathW
StrFormatKBSizeW
PathRemoveBackslashA
SHSetValueW
PathParseIconLocationW
UrlCombineW
SHEnumValueW
StrCmpNW
SHDeleteKeyW
SHCopyKeyW
PathRemoveArgsW
SHQueryValueExW
StrDupA
StrChrIW
PathIsDirectoryA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

604e3c169e13a4468e12a81ea1ade0b9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 232KB - Virtual size: 229KB