259e83d4fd5408cdd6efabdab86070cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

259e83d4fd5408cdd6efabdab86070cb_JaffaCakes118
Size

356KB
MD5

259e83d4fd5408cdd6efabdab86070cb
SHA1

104db3d7e8bc2b16fadc2b110b514ae336814e14
SHA256

5c872555b6cc1c4cfee9ff9e1f5aff5ed1eb4142d2f6e4fa7be998f65cf4544c
SHA512

140126a6ebba0b8f2c6e7675aa41ff2620613128325f94f5e28fc24f2417e93d3f5c5a696aa707d791c001680137dfbad4d6a76e9a73d82cc0387c9ddfd11814
SSDEEP

6144:62JrY3sJGn3QdE9nIIJ/IUmoXdWDbZbaRZtOUd4gvgnUi4kY:62JrDQZ9nHttWZbSndZSG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
259e83d4fd5408cdd6efabdab86070cb_JaffaCakes118

Files

259e83d4fd5408cdd6efabdab86070cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e362d7b90c765857b37b4775fa65ce86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
EnumCalendarInfoA
VirtualFree
FormatMessageA
GetDriveTypeA
FreeResource
IsBadWritePtr
GlobalAddAtomA
GlobalUnlock
LocalSize
SetProcessWorkingSetSize
SetupComm
GetWindowsDirectoryA
GetCompressedFileSizeW
GetBinaryTypeW
EraseTape
SearchPathW
WriteConsoleOutputCharacterA
GetTickCount
GetPrivateProfileSectionW
CancelIo
GetShortPathNameA
SetConsoleWindowInfo
FormatMessageW
GlobalFindAtomA
LocalLock
OpenMutexA
CopyFileExW
GetSystemInfo
GetUserDefaultLangID
ReleaseSemaphore
InitializeCriticalSection
CreateMutexW
GetProcessTimes
CreateNamedPipeW
GetVersion
FindFirstFileA
GetDriveTypeW
_lopen
ClearCommBreak
DosDateTimeToFileTime
GetVersionExA
SetEndOfFile
RemoveDirectoryW
SetFileTime
lstrcpyA
VirtualQueryEx
GetUserDefaultLCID
GetThreadPriority
DuplicateHandle
EnumSystemCodePagesW
GetCommConfig
GetStringTypeExW
MoveFileW
IsValidLocale
GetTempPathW
SetConsoleMode
IsProcessorFeaturePresent
GetBinaryTypeA
GetFullPathNameA
ExpandEnvironmentStringsW
SystemTimeToFileTime
EnumCalendarInfoW
SetProcessAffinityMask
CreateFileW
TryEnterCriticalSection
SetConsoleCursorPosition
GetThreadContext
lstrcatW
SetVolumeLabelA
GlobalAddAtomW
FindFirstFileW
IsBadStringPtrA
GlobalFlags
ReadConsoleOutputA
FreeLibrary
ReadConsoleInputW
GetTimeZoneInformation
GetVolumeInformationW
GetFileAttributesExA
SetConsoleOutputCP
GetCommandLineA
lstrlenA
VirtualProtect
GetAtomNameA
ExitProcess

user32

RegisterWindowMessageA
WaitMessage
LoadStringW
UpdateWindow
DestroyCursor
GetScrollBarInfo
GetInputState
IsDialogMessageW
GetClassInfoW
GetNextDlgGroupItem
GetWindowTextW
CreateCursor
UnhookWindowsHook
SetWindowLongW
CharLowerA
HiliteMenuItem
EnumClipboardFormats
OffsetRect
MapVirtualKeyExW
ChangeMenuW
ModifyMenuA
LoadAcceleratorsA
CreateCaret
DefFrameProcW
GetParent
RemovePropW
SwitchDesktop
IsIconic
GetMessageW
CopyAcceleratorTableA
GetProcessWindowStation
EnumDisplaySettingsW
SendDlgItemMessageA
SetScrollInfo
DragDetect
ShowWindowAsync

gdi32

GetBitmapBits
SetViewportExtEx
InvertRgn
GetNearestPaletteIndex
GetTextExtentPoint32A
GetViewportExtEx
CreateICA
GetDIBits
SetPaletteEntries
EnumEnhMetaFile

comdlg32

FindTextA
ReplaceTextW
ChooseColorA
GetFileTitleA

advapi32

StartServiceCtrlDispatcherW
RegQueryValueW
SetServiceObjectSecurity
GetSidSubAuthority
RegisterServiceCtrlHandlerW
SetFileSecurityW
RegSetValueExA
CreateProcessAsUserA
CryptHashData
OpenSCManagerA
ControlService
PrivilegeCheck
GetServiceDisplayNameA
GetSecurityDescriptorSacl
GetSecurityInfo
CryptGetProvParam
IsValidSid
ReportEventA
CryptSetProvParam
CloseEventLog
RegOpenKeyA
CryptVerifySignatureW
SetEntriesInAclA
CryptCreateHash
CryptExportKey
RegReplaceKeyW
RegSetValueExW
RegEnumValueA
CreateProcessAsUserW
RegRestoreKeyW

ole32

OleSetContainedObject
CreateOleAdviseHolder
CoMarshalInterface
CoResumeClassObjects
OleCreateLink
CoQueryProxyBlanket
StgSetTimes
OleSetMenuDescriptor
CoGetObject

comctl32

ImageList_Merge

shlwapi

StrRetToStrW
SHEnumValueW
PathCanonicalizeA
SHRegSetUSValueW
UrlCreateFromPathW
StrStrA
PathAddExtensionW
PathAppendA
StrCpyNW
StrRChrA

setupapi

SetupGetLineTextA
SetupDiGetDeviceInstallParamsW
SetupGetLineTextW
SetupIterateCabinetW
SetupCloseLog
SetupDiBuildClassInfoList

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e362d7b90c765857b37b4775fa65ce86

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

comctl32

shlwapi

setupapi

Sections

.text Size: 300KB - Virtual size: 296KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 44KB - Virtual size: 41KB

.text
Size: 300KB - Virtual size: 296KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 44KB - Virtual size: 41KB