272b05cbaeed0e9dbaf9c0d364b3ce0e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

272b05cbaeed0e9dbaf9c0d364b3ce0e_JaffaCakes118
Size

328KB
MD5

272b05cbaeed0e9dbaf9c0d364b3ce0e
SHA1

7cacbf38f98592f780a5e9cc0369c4aef743ccf4
SHA256

e5b4f5f05907ceac555c1b82ba5787e19e3e86fac40d32baacf7742e3a92bef3
SHA512

adfea5a40d02932c1cd6c65bc69d71b29215ce816bf4216e5889990ccf5f71aed6d477a1bb234a73dc4bace19654d393204a80d16cac6c03e280a12e480093a9
SSDEEP

6144:8eCo3qw9N3PiSedM0fGaO403KABqpgDRDZH3qIwDLZEFWO+nbmz/5raLNT7:HaweJdufl5qGvHZCXJbmzML

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
272b05cbaeed0e9dbaf9c0d364b3ce0e_JaffaCakes118

Files

272b05cbaeed0e9dbaf9c0d364b3ce0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53a4d08e2434e17430899f18f0c48fed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalCompact
CreateDirectoryExA
FormatMessageW
GetFullPathNameA
GetSystemDefaultLangID
GetBinaryTypeW
FindResourceW
CreateFileW
WaitForMultipleObjectsEx
LocalFree
GetNumberOfConsoleInputEvents
GetDiskFreeSpaceExW
EnumTimeFormatsW
VirtualAlloc
GlobalFree
EscapeCommFunction
ExitThread
GetSystemDirectoryA
GetThreadTimes
FillConsoleOutputAttribute
GetCurrentProcessId
FillConsoleOutputCharacterW
lstrlenA
CompareFileTime
AllocConsole
BeginUpdateResourceA
lstrcmpW
GetCommModemStatus
QueryPerformanceFrequency
GetDateFormatA
SetEnvironmentVariableA
DeleteAtom
FindFirstFileA
FormatMessageA
EraseTape
UnmapViewOfFile
HeapFree
WritePrivateProfileSectionW
GetLogicalDriveStringsA
BackupWrite
ReadFileScatter
FindResourceA
TlsSetValue
PostQueuedCompletionStatus
SetThreadIdealProcessor
EnumCalendarInfoW
GetTempFileNameW
GlobalFlags
GetConsoleScreenBufferInfo
SizeofResource
WaitCommEvent
GetPrivateProfileIntW
GlobalLock
CreateMailslotA
TlsGetValue
GetCommandLineA
GetVersionExA
VirtualProtect
ReleaseSemaphore
ExitProcess

user32

SetScrollInfo
InsertMenuW
wsprintfA
keybd_event
CreateCursor
SetUserObjectInformationW
PtInRect
SetDlgItemTextA
ModifyMenuA
ValidateRgn
GetDialogBaseUnits
SetRect
AdjustWindowRectEx
LoadKeyboardLayoutA
CreatePopupMenu
CheckMenuItem
RegisterClassExW
DefFrameProcA
OemKeyScan
ToAscii
LoadStringA

gdi32

SetTextJustification
ResizePalette
SetViewportExtEx
BeginPath
EnumFontFamiliesExW
CreatePatternBrush
GetSystemPaletteUse
DeleteDC
OffsetWindowOrgEx
SetColorAdjustment
GetTextExtentExPointA
EnumObjects
DeleteObject
GetCharWidthW

advapi32

AddAccessDeniedAce
MakeAbsoluteSD
CryptSetProvParam
RegSetValueW
CryptHashData
ImpersonateLoggedOnUser
OpenServiceW
QueryServiceObjectSecurity
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
AbortSystemShutdownW
RegQueryValueExW
RegDeleteKeyA
CryptAcquireContextA
CryptDestroyHash

shell32

SHGetPathFromIDListA
ShellExecuteExA
SHGetSpecialFolderPathA
SHBrowseForFolderA
DuplicateIcon

oleaut32

SafeArrayCreateVector
SafeArrayGetLBound
LoadTypeLi
GetActiveObject

shlwapi

PathIsPrefixW
AssocCreate
SHDeleteValueW
SHStrDupW
StrDupW
SHOpenRegStream2W
PathRemoveFileSpecA
PathAddBackslashW
StrChrIW
HashData
StrTrimW
PathFindExtensionW
PathCombineW

setupapi

SetupIterateCabinetW
SetupDiGetDeviceRegistryPropertyA
SetupDiOpenDeviceInterfaceW
SetupDiGetClassDevsA
SetupCloseLog

Sections

.text
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53a4d08e2434e17430899f18f0c48fed

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

shlwapi

setupapi

Sections

.text Size: 288KB - Virtual size: 286KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 32KB - Virtual size: 31KB

.text
Size: 288KB - Virtual size: 286KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 32KB - Virtual size: 31KB