Static task: static1
Behavioral task: behavioral1
Sample: 25c667d09234330f33e99a6fa4116b7c_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 25c667d09234330f33e99a6fa4116b7c_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 25c667d09234330f33e99a6fa4116b7c_JaffaCakes118
Size: 324KB
MD5: 25c667d09234330f33e99a6fa4116b7c
SHA1: 11cdb598264b5940e718e58454e7bfdfe2ddace9
SHA256: e62e9513adda6de5e40a79f398161a42874ef1240590a6124cbc252e18271f34
SHA512: dcb3bf124680b5ffb16f0841225f641afda1acc7af8809ac283152cf2b208d031298b88712546103d82b12d441a753bafccd7bc3216a78017bd0f342906369b2
SSDEEP: 6144:m+mvWEc1rI7cXmciIdA+4hoLqHB8Vf7CIC3PDn8pD9YIXyqaqnmdNe/Q:GpcBI7kYIyOLwBwhKQpD9tCqpmQQ
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
Resource: 25c667d09234330f33e99a6fa4116b7c_JaffaCakes118
Files
25c667d09234330f33e99a6fa4116b7c_JaffaCakes118.exe (windows:4, windows x86, arch:x86)
7c97bfb61bb61fe75d2ae27a2b5cfbbd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetConsoleTitleA
SetConsoleCursorPosition
SetProcessShutdownParameters
MoveFileExW
GlobalFlags
GetLocalTime
VirtualQuery
FillConsoleOutputCharacterA
FindCloseChangeNotification
PulseEvent
InitializeCriticalSection
DeleteFileA
GetEnvironmentStringsW
UnlockFile
GetFileAttributesA
GetDiskFreeSpaceA
CreateDirectoryExA
LockFileEx
ExitProcess
LocalSize
GetVersionExW
WritePrivateProfileStringW
CreateRemoteThread
SetConsoleCtrlHandler
FindClose
SetFileAttributesW
BackupRead
lstrcmpW
FindResourceExW
InterlockedExchange
GlobalSize
EnumResourceTypesA
GetFullPathNameW
FileTimeToDosDateTime
InterlockedExchangeAdd
GetBinaryTypeA
CreateNamedPipeW
SetupComm
EnumResourceLanguagesW
MapViewOfFileEx
_hread
GetTapePosition
AddAtomW
SetVolumeLabelA
SystemTimeToTzSpecificLocalTime
SetFileAttributesA
GlobalLock
LocalReAlloc
SetPriorityClass
GetTempPathW
OpenEventW
lstrcmpiA
GetStdHandle
GetEnvironmentStrings
GetVersionExA
GetCommandLineA
VirtualProtect
WriteConsoleInputW
user32
LoadAcceleratorsA
LoadCursorFromFileW
ModifyMenuA
CharUpperBuffA
IsMenu
gdi32
SetRectRgn
Rectangle
GetSystemPaletteUse
SetDIBitsToDevice
CreateEllipticRgn
CreateSolidBrush
CreateMetaFileA
CreateEnhMetaFileW
UpdateColors
GetROP2
comdlg32
PageSetupDlgA
advapi32
StartServiceW
GetFileSecurityW
AbortSystemShutdownW
IsValidSid
RegSaveKeyA
RegQueryValueA
RegLoadKeyW
LookupPrivilegeValueA
QueryServiceObjectSecurity
RegSetValueExW
CryptGenRandom
GetPrivateObjectSecurity
LookupAccountNameW
OpenThreadToken
CryptAcquireContextW
RegEnumKeyW
RegUnLoadKeyW
EnumServicesStatusW
CryptSetHashParam
GetSidSubAuthority
EnumServicesStatusA
OpenSCManagerA
ObjectDeleteAuditAlarmW
DeregisterEventSource
CreatePrivateObjectSecurity
IsValidAcl
RegFlushKey
GetSecurityDescriptorLength
RegQueryValueExW
InitiateSystemShutdownW
DestroyPrivateObjectSecurity
ImpersonateLoggedOnUser
GetSecurityDescriptorSacl
NotifyChangeEventLog
CryptDecrypt
shell32
SHGetSpecialFolderPathA
SHFileOperationW
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteExA
oleaut32
QueryPathOfRegTypeLi
GetActiveObject
SafeArrayPtrOfIndex
SafeArrayCreateVector
VariantCopyInd
comctl32
ImageList_SetBkColor
ImageList_SetOverlayImage
ImageList_DrawIndirect
shlwapi
wvnsprintfW
UrlCanonicalizeW
PathRemoveBackslashW
PathCombineW
PathRemoveFileSpecA
PathIsDirectoryA
PathCanonicalizeW
PathCompactPathW
setupapi
SetupOpenInfFileW
Sections
.text Size: 296KB - Virtual size: 295KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE