25e3279ad5117f87e8f668797b0ed87c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25e3279ad5117f87e8f668797b0ed87c_JaffaCakes118
Size

412KB
MD5

25e3279ad5117f87e8f668797b0ed87c
SHA1

4eb4daaf9c1e6a884e23ed2a0913dfa7b5010096
SHA256

cfd7f3048b53655728b71d21b042fdb6b411a0f5ae667e0c86be9de343fca5c2
SHA512

f2acbf351ad020971a017822eb01b5392051abf5a6ad8e2a7d0d548163e45469fcfa2196517cf3b4f679defe418ee3643b6aa9dd21920ab0fe64d694f45c03a9
SSDEEP

6144:pVBo42uvLcakYeFUj0vylTgJiGG7JwGoKsF/vzwjxeD9gM4iMM0/KSQdTTUu:pVBonHYf0vEeiGGdqKs1zZF90uw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25e3279ad5117f87e8f668797b0ed87c_JaffaCakes118

Files

25e3279ad5117f87e8f668797b0ed87c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf9b483163d38ec897a7bcc0b5f4baa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTapeParameters
InitializeCriticalSection
lstrcpynA
GetConsoleCursorInfo
SetConsoleCursorPosition
GetCurrentProcess
FileTimeToLocalFileTime
GetProcessHeap
GetSystemInfo
GetProfileIntA
SizeofResource
UnhandledExceptionFilter
FindFirstFileW
GlobalDeleteAtom
FindNextChangeNotification
GetCPInfo
CreateEventA
EnumSystemCodePagesW
FindResourceExW
SetConsoleActiveScreenBuffer
OpenMutexA
SetTimeZoneInformation
CreateFileW
IsValidLocale
VirtualQueryEx
CompareStringW
CreateProcessA
GetSystemTime
SetLastError
GetCommModemStatus
VirtualProtect
GetVersionExA
GetCommandLineA
ScrollConsoleScreenBufferA
GetSystemTimeAsFileTime
ReadDirectoryChangesW
PrepareTape
SearchPathW
ReleaseMutex
GetConsoleMode
OpenFile
GetProcessTimes
SetConsoleTitleA
lstrcmpiA
GetDiskFreeSpaceW
GlobalReAlloc
RaiseException
GetStringTypeExW
GenerateConsoleCtrlEvent
OutputDebugStringW
SetEvent
GetDriveTypeW
SetSystemTime
GlobalAddAtomA
ReleaseSemaphore
WritePrivateProfileStringW
GetTempFileNameA
EnumSystemCodePagesA
_lread
lstrlenA
VirtualAlloc
CreateDirectoryA
ExitProcess

user32

RegisterHotKey
SetUserObjectInformationW
EnumWindowStationsW
GrayStringW
CheckRadioButton
IsCharUpperA
CharUpperW
GrayStringA
SendMessageCallbackW
DrawEdge
DefFrameProcA
GetPropA
SetCaretPos
SetWindowsHookExA

gdi32

GetSystemPaletteUse
SetRectRgn
CreateSolidBrush
SetStretchBltMode
CreateBitmap
StartDocW
GetNearestColor
GetEnhMetaFileBits
ExtEscape
GetGlyphOutlineA
CreateCompatibleBitmap
SetBrushOrgEx
RectVisible
ModifyWorldTransform

comdlg32

PrintDlgA
ChooseFontW
GetFileTitleA
GetFileTitleW

advapi32

RegLoadKeyW
GetNamedSecurityInfoW
OpenSCManagerA
OpenServiceW
LookupAccountSidW
LockServiceDatabase
CryptGetProvParam
GetSidIdentifierAuthority
RegQueryInfoKeyW
SetSecurityDescriptorOwner

shell32

SHFileOperationA
DragAcceptFiles

ole32

CreateBindCtx
CoUninitialize
OleCreate
CoCreateInstance
ReadFmtUserTypeStg
OleIsRunning
PropVariantCopy

oleaut32

SetErrorInfo
LoadTypeLi

comctl32

PropertySheetA
ImageList_DragLeave
ImageList_GetImageInfo

shlwapi

PathCompactPathW
SHQueryValueExW
StrChrIW
SHSetThreadRef

Sections

isauc
Size: 336KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

aiqkswm
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

scweoi
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sumcma
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf9b483163d38ec897a7bcc0b5f4baa3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

isauc Size: 336KB - Virtual size: 333KB

aiqkswm Size: 4KB - Virtual size: 3KB

scweoi Size: 28KB - Virtual size: 24KB

sumcma Size: 40KB - Virtual size: 39KB

isauc
Size: 336KB - Virtual size: 333KB

aiqkswm
Size: 4KB - Virtual size: 3KB

scweoi
Size: 28KB - Virtual size: 24KB

sumcma
Size: 40KB - Virtual size: 39KB