2642d136eed58589e5a1211893464178_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2642d136eed58589e5a1211893464178_JaffaCakes118
Size

136KB
MD5

2642d136eed58589e5a1211893464178
SHA1

8c98ed06cb133dc97838b56c59483f482e7c1332
SHA256

c4e59d548eb4c7e9d069ecfa13f81334cee50d046abc6ff27261b2bdca181390
SHA512

4f41c3cff9f850d470e1d5d8ad97e69e88dba8c5086b010e6129cf66c4132e12f28f3115f9070aeada978962a8c3a63286903836c0da84d53bede853769826e7
SSDEEP

3072:uhXYCsZRoj1kEokH9cHqAiwMqfmai+fp9o4T:uWoj1DcQwMqfmabXF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2642d136eed58589e5a1211893464178_JaffaCakes118

Files

2642d136eed58589e5a1211893464178_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3244fc50414cc5a9906ce367c85a0b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
lstrlenA
WriteConsoleA
OpenFileMappingA
GetModuleHandleA
SetConsoleHardwareState
GetConsoleKeyboardLayoutNameA
SetThreadIdealProcessor
lstrcpynA
SetConsoleNumberOfCommandsA
Module32First
SetFileTime
CreateFileMappingA
GetThreadTimes
lstrcpyA
WriteProcessMemory
EnumResourceLanguagesA
ReadConsoleA
_hread
TerminateJobObject
GetEnvironmentVariableA
WaitForSingleObject
UpdateResourceA
LockFile
EnumResourceTypesA
lstrcmpA
ReadConsoleA
SetVolumeMountPointA
SetConsoleTextAttribute
lstrcpy
FindVolumeClose
VirtualAllocEx
SetConsoleCursorMode
GetConsoleCP
GetComputerNameA
GetTickCount
WriteConsoleInputA
IsValidLanguageGroup
EndUpdateResourceA
GetProcessPriorityBoost
SetFileAttributesA
SetCalendarInfoA
ClearCommError
FindNextVolumeMountPointW
SetSystemTimeAdjustment
SetThreadUILanguage
ResetWriteWatch
GetConsoleMode
GetFileTime
GlobalUnfix
GetCurrentProcessId
GetThreadLocale
GetModuleFileNameA
SetTimerQueueTimer
ReleaseMutex
GetSystemWindowsDirectoryA
GetPriorityClass
SetupComm
SetLocaleInfoA
WriteFile
SetConsoleKeyShortcuts
SetConsoleFont
GetDriveTypeA
GlobalSize
IsProcessorFeaturePresent
GetCurrentThreadId
LoadLibraryA
SetTapeParameters
GetFullPathNameA
LZStart
GetConsoleTitleA
lstrcmpA
GetLocalTime
WinExec
GetProcessShutdownParameters
lstrcatA
PeekNamedPipe
LZRead
GetFileAttributesExA
RaiseException
ClearCommBreak
OpenMutexA
OpenJobObjectA
GetCurrentDirectoryA
FindAtomA
GetVolumeNameForVolumeMountPointA
GetStdHandle
GetFileSize
GetDefaultCommConfigA
GetConsoleTitleA
WaitNamedPipeA
UnlockFile
VerifyVersionInfoA
GetTempFileNameA

winmm

timeGetSystemTime

user32

RegisterSystemThread
DeregisterShellHookWindow
CharLowerBuffW
DrawCaptionTempA
IsDialogMessage
ModifyMenuA
UnlockWindowStation
GetSystemMetrics
GetKeyNameTextA
CheckDlgButton
OpenDesktopA
InternalGetWindowText
GetMessageA
GetClassInfoExA
AlignRects
CheckDlgButton
RegisterWindowMessageA
DlgDirSelectComboBoxExA
InflateRect
RecordShutdownReason
EnableScrollBar
ShowOwnedPopups
HiliteMenuItem
SetDebugErrorLevel
LoadCursorA
GetProgmanWindow
QuerySendMessage
GetClassNameA
CreateMDIWindowA
GetDlgItem
SetWindowStationUser
SetParent
DisableProcessWindowsGhosting
PostQuitMessage
SetCaretBlinkTime
SetMenuContextHelpId
LoadMenuIndirectA
GetDCEx
GetClipboardSequenceNumber
CreateIcon
GetInternalWindowPos
GetMenuItemCount
IsDlgButtonChecked
ReleaseCapture
SendIMEMessageExA
GetKeyboardLayout
SetSysColors
RemovePropA
ChildWindowFromPoint
EndTask
LoadImageA
ScrollDC
SetCaretPos
IsChild
BeginPaint
SetWindowRgn
DlgDirListComboBoxA
UpdateLayeredWindow
GetWindowRgnBox
InSendMessageEx
SetDebugErrorLevel
GetAncestor
SendIMEMessageExA
SetActiveWindow
SetMenuInfo
ReasonCodeNeedsBugID
GetWindowTextA
UnregisterHotKey
CharNextExA
SetLayeredWindowAttributes
CharUpperBuffA
FreeDDElParam
EnableMenuItem
ScrollWindowEx
OpenWindowStationA
DlgDirSelectExA
TabbedTextOutA
SetProcessDefaultLayout
CharToOemA
CountClipboardFormats
EnumWindowStationsA

Exports

Exports

Hovvligpy
BeginCekmicev
SetMubvdxncw

Sections

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 120KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3244fc50414cc5a9906ce367c85a0b0

Headers

File Characteristics

Imports

kernel32

winmm

user32

Exports

Exports

Sections

.idata Size: - Virtual size: 1KB

.itext Size: 120KB - Virtual size: 389KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 1KB

.itext
Size: 120KB - Virtual size: 389KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1KB