2634eea66e96b54988c744854dd4d9c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2634eea66e96b54988c744854dd4d9c2_JaffaCakes118
Size

316KB
MD5

2634eea66e96b54988c744854dd4d9c2
SHA1

2a6b5925ca322f0fd2963912a6f3a3a1dbefeeb2
SHA256

5978aaa2d1e774bf8f00fb57020ee38f8869b29878f36970ef2b5fcd7727031f
SHA512

314ccb398e0918a046e6d28a12ce4470c0694e73f4f00408f48c9f94cc9234a502a348515547a6b20d82368a47842e943a3b5974f3bb0a5b3505bac08d33d54b
SSDEEP

6144:q2tSlATGdy+W94uJcXk1tzMbTtFZGLjXcasfBMCFBqzJ:q2tXKctJcXk1tE3Wcasiz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2634eea66e96b54988c744854dd4d9c2_JaffaCakes118

Files

2634eea66e96b54988c744854dd4d9c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f33dffaf720720e9130f28a077a27ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GenerateConsoleCtrlEvent
WaitForMultipleObjectsEx
GetFileType
GetTapePosition
VirtualQuery
GetTapeStatus
GetCurrentThread
CreateFileMappingW
GetDiskFreeSpaceW
AddAtomA
InitializeCriticalSection
MapViewOfFileEx
SetThreadExecutionState
SetVolumeLabelA
SystemTimeToTzSpecificLocalTime
AllocConsole
EnumSystemCodePagesA
ReadConsoleOutputW
CreateWaitableTimerA
EnumSystemLocalesA
WriteTapemark
WritePrivateProfileSectionA
WritePrivateProfileSectionW
FindNextChangeNotification
SleepEx
SetNamedPipeHandleState
FlushViewOfFile
EnumResourceLanguagesA
GetComputerNameW
FreeResource
GetQueuedCompletionStatus
GetProfileStringW
CreateWaitableTimerW
lstrcpyA
GetVersionExW
FatalAppExitA
LCMapStringA
GetVolumeInformationW
GetThreadSelectorEntry
FileTimeToDosDateTime
OpenProcess
GetTempPathA
WritePrivateProfileStringA
GetExitCodeThread
GlobalDeleteAtom
VirtualProtect
WriteFileEx
FlushFileBuffers
IsBadStringPtrW
AreFileApisANSI
GlobalLock
LoadLibraryExA
SuspendThread
CreateFileW
GetCommandLineA
GetVersionExA
lstrlenA
HeapFree
ExitProcess

user32

CreateDesktopA
GetUserObjectSecurity
GetForegroundWindow
EnumDisplaySettingsA
MonitorFromPoint
VkKeyScanA
GetCaretPos
CreateDialogIndirectParamA
UnhookWinEvent
DeleteMenu
InvalidateRect
IsClipboardFormatAvailable
SetThreadDesktop
AttachThreadInput
GetMonitorInfoW
DrawMenuBar
GetDialogBaseUnits
PostThreadMessageA
SetMenuInfo
LockWindowUpdate
IsCharUpperW
FindWindowW
RegisterDeviceNotificationW
DefDlgProcW
TrackMouseEvent
GetUpdateRect
mouse_event
GetClipboardFormatNameW
CreateCursor
ChangeDisplaySettingsW
GetCursor
GetActiveWindow
CloseWindow
ToUnicodeEx
ShowCaret
CheckMenuItem
VkKeyScanW
GetClassNameA
BeginPaint
GetClassLongW
SetCapture
SetUserObjectInformationW
GetDlgCtrlID
CloseDesktop
GetPropA
CharToOemBuffA
ToUnicode
IsCharUpperA

gdi32

CreateBitmapIndirect
CreateCompatibleDC
RectVisible
CreateBitmap
CreateRectRgnIndirect
GetCharacterPlacementA
EnumEnhMetaFile
GetStretchBltMode
CloseFigure
PolylineTo
SetDIBColorTable
RealizePalette
GetPolyFillMode
GetTextExtentExPointW
GetTextCharset
CreateRoundRectRgn
EndPage
SetBrushOrgEx
GetPaletteEntries
PolyBezierTo

comdlg32

ChooseColorA
GetSaveFileNameW
GetFileTitleA

advapi32

CloseEventLog
RegCreateKeyExA
AddAccessDeniedAce
QueryServiceStatus
EnumDependentServicesA
QueryServiceLockStatusW
FreeSid
GetSidSubAuthorityCount
EnumDependentServicesW
RegSetValueW
IsTextUnicode
GetLengthSid
ReportEventA
RegSetValueExW
OpenThreadToken
ReportEventW
OpenProcessToken
RegSetValueA
AccessCheckAndAuditAlarmA
RegDeleteValueA
RegCreateKeyExW
RegQueryInfoKeyW

shell32

ExtractIconW
SHChangeNotify
SHLoadInProc

ole32

CreateDataAdviseHolder
CoCreateGuid
CoMarshalInterThreadInterfaceInStream

oleaut32

RegisterTypeLi
SafeArrayGetUBound

comctl32

ImageList_DragShowNolock
ImageList_SetBkColor
ImageList_AddMasked

shlwapi

StrCpyW
StrStrIW
StrCatBuffA
PathRemoveFileSpecA
StrPBrkW
SHStrDupW
PathFileExistsA
SHSetThreadRef
StrDupA
PathIsUNCW
SHAutoComplete

setupapi

SetupDiClassNameFromGuidExA
SetupOpenInfFileW
SetupIterateCabinetW

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0f33dffaf720720e9130f28a077a27ee

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 276KB - Virtual size: 274KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 276KB - Virtual size: 274KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 28KB - Virtual size: 24KB