261228f8f87a0d754da9d040f842f457_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

261228f8f87a0d754da9d040f842f457_JaffaCakes118
Size

324KB
MD5

261228f8f87a0d754da9d040f842f457
SHA1

f1eecf3ca8584015a4b3f6ffb01bcf7e45b6a8cb
SHA256

d7687ad1a8e5ab0116e349ae2ed01d7b64a645821fa667b3bda20ff706eff5c6
SHA512

1ac172afbaaf87325ce6bb10bac60095e93f4fcb106003a8a9425d248d3820a2438cf1b0de71345f2835886dd6a51481a181fcfdbbddf68d51d435a3526101b9
SSDEEP

6144:3vktewKZS7QuMzn+dvvlZnm9lga0tVpKe8vbXIBrW2NLczWVSGhBhe:3s0wKZoa6FdZIl4tV/8vbX0rpLeWEGf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
261228f8f87a0d754da9d040f842f457_JaffaCakes118

Files

261228f8f87a0d754da9d040f842f457_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6af0a635d4a860c4d335d6d10553c47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
VirtualProtect
GetModuleHandleA
SetConsoleCtrlHandler
OpenEventA
SetEndOfFile
CreateEventW
SetThreadPriority
WriteTapemark
GlobalDeleteAtom
PrepareTape
OpenMutexA
HeapFree
AreFileApisANSI
ExitProcess
PulseEvent
LoadResource
SetFileTime
GetCommandLineA

user32

GetClipboardData
CharToOemBuffA
SetRectEmpty
PostMessageA
ChangeMenuW
EnumChildWindows
DestroyMenu
SetClassLongW
UnhookWinEvent
CreateIcon
CallWindowProcA
GetClassInfoExA
DestroyCursor
GetSystemMenu
SetPropW
DefFrameProcW
GetDlgItem
DialogBoxIndirectParamA
CreateCursor
PostMessageW
SetWindowTextW
MoveWindow
BroadcastSystemMessageW
SetMessageQueue
RegisterWindowMessageA
GetCaretPos
OpenWindowStationW
RegisterHotKey
DragDetect
BeginDeferWindowPos
MsgWaitForMultipleObjectsEx
SetUserObjectSecurity
ShowCursor
PostQuitMessage
SetCaretPos
SwitchDesktop
CreateDialogIndirectParamA
ShowOwnedPopups
EnumDisplaySettingsExA
CreateDesktopW
LoadAcceleratorsW

gdi32

ExcludeClipRect
AddFontResourceW
SetViewportExtEx
GetCurrentObject
GetWinMetaFileBits
GetPaletteEntries

comdlg32

GetOpenFileNameW
PageSetupDlgW
ChooseFontW
ChooseFontA

advapi32

RegRestoreKeyA
ImpersonateLoggedOnUser
MakeSelfRelativeSD
SetKernelObjectSecurity
RegReplaceKeyW
RegDeleteValueW
CryptAcquireContextA
ObjectDeleteAuditAlarmW
AddAccessAllowedAce
RegGetKeySecurity
AddAccessDeniedAce
RegDeleteValueA
OpenThreadToken
StartServiceW
RegEnumKeyA
EqualSid
NotifyChangeEventLog
GetFileSecurityA
ReadEventLogW
SetServiceStatus
RegOpenKeyW
InitiateSystemShutdownA
SetTokenInformation
CryptDestroyHash
CloseServiceHandle
ChangeServiceConfigW
CryptImportKey
GetServiceDisplayNameA
GetSecurityDescriptorControl
IsValidSid
AccessCheck
RegQueryInfoKeyA

ole32

ReadClassStg
OleLockRunning
CoCreateInstanceEx
OleCreateLinkFromData
OleCreateLink

oleaut32

CreateErrorInfo
SafeArrayPtrOfIndex
RegisterTypeLi
QueryPathOfRegTypeLi

shlwapi

StrStrIA
SHAutoComplete
SHRegQueryUSValueW
StrFormatKBSizeW
PathIsUNCServerW
StrCmpIW
UrlApplySchemeW

setupapi

SetupDiSetDeviceInstallParamsA
SetupDiGetClassDevsW
SetupDiClassGuidsFromNameW
SetupDiSetDeviceInstallParamsW
SetupCloseLog
SetupDiGetClassDevsA
SetupInstallFromInfSectionW

Sections

.text
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c6af0a635d4a860c4d335d6d10553c47

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 280KB - Virtual size: 277KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 36KB - Virtual size: 34KB

.text
Size: 280KB - Virtual size: 277KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 34KB