Static task
static1
Behavioral task
behavioral1
Sample
259f2e5ed8e23a07ad90a79e6d286fbb_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
259f2e5ed8e23a07ad90a79e6d286fbb_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
259f2e5ed8e23a07ad90a79e6d286fbb_JaffaCakes118
Size
340KB
MD5
259f2e5ed8e23a07ad90a79e6d286fbb
SHA1
3626ab3e34ced26c4f55a19db5ee1e71ca452c51
SHA256
8e463f8447fbc75a9ff15d17dafa84e860083535672b56719a4570cb7cce7e0b
SHA512
603b4e02975c3c77bea37eeef9e209ea254119f5d6a8741c84ef31a17c6e7bacb11417eca63836d05ed89b91ff3d99d74059390732e9167f03106936a43b7c64
SSDEEP
6144:ywtTH+p5O6vSt1XR7sWdnMFYXj7lHmF3ZQQlKVcFLuRxwG39ht/:vTH+pxYT3XUFS/GFLm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 259f2e5ed8e23a07ad90a79e6d286fbb_JaffaCakes118
Files
259f2e5ed8e23a07ad90a79e6d286fbb_JaffaCakes118.exe windows:4 windows x86 arch:x86
7a768adb858bf7ab116961aee4cb3061
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WaitCommEvent
GetThreadPriority
BackupRead
GetConsoleTitleA
IsBadStringPtrA
MoveFileW
_lopen
TransactNamedPipe
ExitProcess
GetCommandLineA
GetLogicalDriveStringsW
SetConsoleCursorPosition
GetStartupInfoA
CreateFileA
SetFileAttributesA
CreateProcessW
FileTimeToDosDateTime
VirtualProtect
GetVersionExA
lstrcatW
user32
GetCapture
GetClassLongA
GrayStringW
SetScrollRange
DrawStateW
LoadIconW
LoadKeyboardLayoutA
ChildWindowFromPoint
UnionRect
OffsetRect
WaitMessage
GetMenuState
IsDlgButtonChecked
RegisterClassA
DispatchMessageA
InsertMenuA
OemToCharBuffA
DialogBoxParamA
keybd_event
GetMenu
TranslateAcceleratorW
SetWindowContextHelpId
GetMessageExtraInfo
InsertMenuItemW
GetClassInfoExA
DefWindowProcW
SetWindowLongA
CharPrevA
TranslateAcceleratorA
CreateDialogIndirectParamA
NotifyWinEvent
CharNextExA
IsCharAlphaW
EnumWindowStationsA
DestroyCaret
DrawFrameControl
SendNotifyMessageA
CopyRect
IsCharAlphaNumericA
CallNextHookEx
RedrawWindow
gdi32
SetPaletteEntries
GetTextExtentPoint32W
GetPixel
IntersectClipRect
SetPixelV
PolylineTo
GetTextFaceA
DescribePixelFormat
CreatePolygonRgn
GetStockObject
comdlg32
ChooseColorW
PrintDlgW
advapi32
GetSecurityDescriptorOwner
AllocateLocallyUniqueId
RegFlushKey
CryptAcquireContextW
SetEntriesInAclA
SetPrivateObjectSecurity
RegOpenKeyW
GetSidSubAuthority
DestroyPrivateObjectSecurity
RegOpenKeyExW
RevertToSelf
ObjectDeleteAuditAlarmW
ClearEventLogW
SetThreadToken
GetSidSubAuthorityCount
GetUserNameW
RegSetKeySecurity
GetUserNameA
MakeAbsoluteSD
ObjectCloseAuditAlarmA
GetSecurityDescriptorLength
SetFileSecurityW
RegCreateKeyA
StartServiceCtrlDispatcherA
RegEnumKeyExW
IsValidSecurityDescriptor
EnumDependentServicesA
AccessCheckAndAuditAlarmW
CryptSetHashParam
CryptGetHashParam
RegQueryInfoKeyA
CryptGetProvParam
RegEnumKeyW
shell32
FindExecutableW
SHGetFileInfoA
SHGetFileInfoW
SHAddToRecentDocs
Shell_NotifyIconA
ole32
CoCreateInstanceEx
CoTaskMemRealloc
CoGetObject
CoRevokeMallocSpy
CoDisconnectObject
oleaut32
VariantClear
QueryPathOfRegTypeLi
VariantCopy
SafeArrayAccessData
GetActiveObject
comctl32
ImageList_LoadImageA
ImageList_GetIconSize
shlwapi
StrStrA
StrRetToStrW
StrCmpW
StrStrIA
SHSetValueA
PathRelativePathToW
PathRemoveBackslashA
PathIsNetworkPathW
SHSetThreadRef
StrCmpNA
PathIsDirectoryW
PathIsDirectoryEmptyW
PathAddExtensionW
setupapi
SetupDefaultQueueCallbackA
SetupCloseLog
SetupIterateCabinetW
SetupOpenAppendInfFileW
SetupDiSetDeviceRegistryPropertyA
SetupDiCreateDeviceInfoW
SetupOpenInfFileW
SetupLogErrorA
SetupScanFileQueueA
SetupDiEnumDeviceInterfaces
Sections
.text Size: 300KB - Virtual size: 297KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE