Static task: static1
Behavioral task: behavioral1
  Sample: 25d43d3fca21a82df3e8a22f1de9eadb_JaffaCakes118.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 25d43d3fca21a82df3e8a22f1de9eadb_JaffaCakes118.exe
  Resource: win10v2004-20240704-en
General
- Target: 25d43d3fca21a82df3e8a22f1de9eadb_JaffaCakes118
- Size: 591KB
- MD5: 25d43d3fca21a82df3e8a22f1de9eadb
- SHA1: 0f1f1b9cfdd9705cbc7d0d42189026348b1cc929
- SHA256: adcc40325079fc59def83113b31f899d54c3532e95db1e8387c7dfe03a6cc045
- SHA512: 43e2db2c888ef5d5e6e147e3d2d16fb1df069ea6a86cc2e07d1e7e9f97780a54a77760decd692d4ab8038f72f8b471f69d442e0d8922ecc240746ca66754ad5a
- SSDEEP: 12288:/KRZNtXd62r8xrzxHp178adha1dLIPJ2xAf/:/KVtLr8xrNpd8GhI0J2x2
Malware Config
(none extracted)
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 25d43d3fca21a82df3e8a22f1de9eadb_JaffaCakes118
Files
- 25d43d3fca21a82df3e8a22f1de9eadb_JaffaCakes118.exe (windows:4, windows x86, arch:x86)
  83198eb11667f74d7f1635c4a135a114
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtect
SetEnvironmentVariableA
CreatePipe
VirtualQuery
DuplicateHandle
TlsGetValue
SearchPathW
GetCPInfo
SetConsoleCursorPosition
FreeLibrary
GlobalUnlock
SetConsoleActiveScreenBuffer
ReleaseMutex
CreateDirectoryExA
SetThreadAffinityMask
SystemTimeToFileTime
SetProcessShutdownParameters
CreateDirectoryA
FormatMessageA
VirtualAlloc
MoveFileW
SetErrorMode
LoadResource
GetCommModemStatus
OutputDebugStringA
EnumDateFormatsW
CreateWaitableTimerA
SetupComm
CloseHandle
IsBadWritePtr
GetUserDefaultLangID
GlobalFlags
GetTapeParameters
ReadFile
GetTickCount
GlobalDeleteAtom
GlobalFindAtomA
_hread
GetBinaryTypeW
_lread
EnumSystemCodePagesW
SetThreadLocale
DeleteCriticalSection
GetUserDefaultLCID
FindFirstFileW
WritePrivateProfileSectionW
EnumTimeFormatsW
GetFileType
WritePrivateProfileSectionA
RemoveDirectoryW
LeaveCriticalSection
lstrcmpA
GetDriveTypeW
SetProcessAffinityMask
ReadConsoleInputW
ConnectNamedPipe
GetConsoleMode
FormatMessageW
WritePrivateProfileStringW
SetFileTime
LocalAlloc
lstrcmpiW
IsValidLocale
IsBadReadPtr
FlushConsoleInputBuffer
SuspendThread
SetCommMask
PurgeComm
GetFullPathNameA
SetMailslotInfo
WritePrivateProfileStringA
WriteFile
SetFileAttributesA
VirtualUnlock
WaitNamedPipeA
GlobalReAlloc
MoveFileExA
WriteConsoleOutputCharacterA
WriteProcessMemory
SetEvent
SwitchToFiber
MultiByteToWideChar
FillConsoleOutputCharacterA
FindFirstFileA
LocalReAlloc
PulseEvent
GetFileAttributesExA
SetConsoleTitleA
ExitProcess
user32
ToUnicode
CharLowerBuffA
CloseClipboard
CheckMenuItem
SetMenuItemBitmaps
IsRectEmpty
SendNotifyMessageA
GetMenuItemInfoW
comdlg32
GetSaveFileNameA
FindTextA
CommDlgExtendedError
ReplaceTextW
advapi32
CryptSetProvParam
GetPrivateObjectSecurity
ChangeServiceConfigA
AllocateAndInitializeSid
RegSaveKeyA
CryptGetHashParam
IsValidSecurityDescriptor
RegEnumValueW
RegUnLoadKeyW
StartServiceCtrlDispatcherW
CloseEventLog
AccessCheckAndAuditAlarmW
GetExplicitEntriesFromAclW
AddAce
ImpersonateSelf
CryptDecrypt
QueryServiceConfigA
SetEntriesInAclA
SetSecurityDescriptorGroup
AccessCheck
RegisterEventSourceW
ChangeServiceConfigW
ObjectDeleteAuditAlarmW
RegQueryValueA
RegRestoreKeyA
DeleteService
RegOpenKeyExW
GetSidIdentifierAuthority
LookupAccountSidA
MakeSelfRelativeSD
RegSetValueExW
AbortSystemShutdownA
AllocateLocallyUniqueId
QueryServiceConfigW
ole32
CoDisconnectObject
OleLockRunning
oleaut32
LoadTypeLi
SafeArrayGetLBound
SafeArrayGetElement
VariantCopy
SafeArrayCreate
QueryPathOfRegTypeLi
comctl32
ImageList_SetDragCursorImage
ImageList_Merge
shlwapi
PathIsDirectoryEmptyW
PathIsUNCServerW
PathRemoveArgsW
PathRelativePathToA
PathRemoveBlanksA
Sections
- .text: Size 23KB, Virtual size 239KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size 4KB, Virtual size 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size 268KB, Virtual size 267KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size 16KB, Virtual size 16KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ