Static task: static1
Behavioral task: behavioral1
Sample: 2635e6fec07b92083896aebc3da552b2_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2635e6fec07b92083896aebc3da552b2_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2635e6fec07b92083896aebc3da552b2_JaffaCakes118
Size: 344KB
MD5: 2635e6fec07b92083896aebc3da552b2
SHA1: be88f15a0342fcd81062ef5ac237017c0344ae2d
SHA256: 88e533a92df27bf7f15fffc056ca39d0e841b75f7fd89c6c6a3d7f192384f6e3
SHA512: f587c5227ffd8548217636da56c2587a4afefa7d887966193db4b43ce9c31cfc022032f0a0daa7705d0e2caddbe392f3925cf23193f9059ae47b43f19363c5f4
SSDEEP: 6144:U+e68KGSNT1VLiDIkUD87ZrO0HHNxm5nA:U+e/st1VTV8ZrO0fm5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2635e6fec07b92083896aebc3da552b2_JaffaCakes118
Files
2635e6fec07b92083896aebc3da552b2_JaffaCakes118.exe windows:4 windows x86 arch:x86
4661cf9dd9d1632b1d94a96ef7de2d1d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileExW
SetEnvironmentVariableA
VirtualAllocEx
GetPrivateProfileStringW
GetLargestConsoleWindowSize
AreFileApisANSI
FormatMessageW
EraseTape
SetProcessWorkingSetSize
ExpandEnvironmentStringsW
PeekNamedPipe
GetThreadPriority
GetThreadContext
GetTempPathW
_hread
OpenFile
FindFirstFileW
GetDriveTypeW
FileTimeToLocalFileTime
GlobalGetAtomNameW
WriteFile
GetUserDefaultLangID
FlushFileBuffers
SetConsoleCursorPosition
SetThreadAffinityMask
MultiByteToWideChar
GetSystemDefaultLangID
GetCommModemStatus
GetCurrentProcessId
GetTimeZoneInformation
FindFirstFileExW
EnumDateFormatsW
RemoveDirectoryA
ReleaseMutex
VirtualQuery
IsDBCSLeadByteEx
CreateProcessA
ReadConsoleOutputA
GetEnvironmentVariableW
FatalAppExitA
GetStartupInfoA
SetFileTime
LocalFileTimeToFileTime
WriteProcessMemory
GetStringTypeExW
GetCommandLineA
GetVersionExA
VirtualProtect
GetTapeParameters
ExitProcess
user32
MsgWaitForMultipleObjects
GetThreadDesktop
CreateDesktopA
GetClipboardSequenceNumber
GetTabbedTextExtentW
ModifyMenuW
IsDlgButtonChecked
GetParent
OpenDesktopW
RegisterClassExA
MessageBoxIndirectW
CharUpperA
GetUpdateRgn
OpenInputDesktop
OpenWindowStationW
DialogBoxIndirectParamW
GetQueueStatus
TranslateAcceleratorA
InsertMenuW
LoadCursorFromFileW
AppendMenuW
CopyAcceleratorTableA
wvsprintfW
SetWindowLongW
SendMessageW
LoadImageA
SwapMouseButton
GetWindowInfo
GetShellWindow
SetClipboardData
SetMenuItemInfoA
GetDC
MapWindowPoints
SetMenu
UnregisterClassA
InvalidateRect
LoadStringA
CharLowerW
gdi32
GetTextExtentPoint32W
GetSystemPaletteUse
advapi32
RegDeleteValueA
IsValidSecurityDescriptor
RegisterEventSourceW
GetSidSubAuthorityCount
DeleteAce
AccessCheckAndAuditAlarmA
DeleteService
GetServiceDisplayNameW
GetSecurityDescriptorGroup
GetPrivateObjectSecurity
AddAccessDeniedAce
RegUnLoadKeyA
ImpersonateLoggedOnUser
CreatePrivateObjectSecurity
CryptAcquireContextW
ReadEventLogW
RegQueryValueExW
SetSecurityDescriptorOwner
GetAce
shell32
SHFileOperationW
Shell_NotifyIconA
FindExecutableA
ole32
CreateOleAdviseHolder
ProgIDFromCLSID
CoDisconnectObject
OleSaveToStream
OleCreateFromData
oleaut32
SafeArrayCreate
SafeArrayRedim
QueryPathOfRegTypeLi
VariantCopy
LoadTypeLi
VariantChangeType
SafeArrayGetElement
shlwapi
StrFormatByteSizeA
setupapi
SetupDiGetDeviceInfoListDetailA
SetupScanFileQueueA
SetupIterateCabinetW
Sections
.text Size: 292KB - Virtual size: 289KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE