270889e8bd39713c10c02da01c12414d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

270889e8bd39713c10c02da01c12414d_JaffaCakes118
Size

252KB
MD5

270889e8bd39713c10c02da01c12414d
SHA1

f20686702cfced215a514828c230fba25955a1c6
SHA256

171aa90c042c7d1047602946a3737253abc44ca21142994e9350a973d8efed3f
SHA512

f31a5adea66211af7073eb0be68c48416206f9f9764d3e06013d8cc5d6ec921e5d8f4279ff01dad7cba4cdad3cf1fe61cce146599c147be48974068e6d34e9dc
SSDEEP

6144:qjlCKmxK5DjgnBJR7goonKTPNSuzpWuu024CTXVc:qjltrZkxOKTQuFvNcT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
270889e8bd39713c10c02da01c12414d_JaffaCakes118

Files

270889e8bd39713c10c02da01c12414d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfa20a759ca7296a61f584d944beb14d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GetModuleFileNameW
OpenMutexA
GetACP
CreateProcessA
CreateDirectoryW
VirtualAlloc
GetModuleHandleA
SetErrorMode
GetShortPathNameW
GetComputerNameW
LocalLock
SuspendThread
GetDriveTypeW
SetConsoleWindowInfo
ReadConsoleOutputA
EnumResourceLanguagesW
GetSystemTimeAsFileTime
GetCompressedFileSizeW
EnumSystemCodePagesA
UnhandledExceptionFilter
GenerateConsoleCtrlEvent
WritePrivateProfileSectionW
FlushFileBuffers
GetSystemDirectoryW
GlobalAddAtomW
GetTempFileNameA
SetCommTimeouts
GetTickCount
GetCommandLineW
GlobalDeleteAtom
WritePrivateProfileStructA
SetTimeZoneInformation
WritePrivateProfileStringA
GetEnvironmentVariableW
SetCommMask
FindFirstFileA
GetThreadContext
SetConsoleCursorPosition
EnumSystemCodePagesW
TlsGetValue
GetUserDefaultLCID
GetLogicalDriveStringsA
MoveFileExA
QueryDosDeviceW
GetDateFormatA
SetThreadLocale
LoadLibraryExW
GetCommandLineA
ExpandEnvironmentStringsW
FreeLibraryAndExitThread
GetSystemInfo
GetPrivateProfileStringA
lstrcpyA
LoadLibraryExA
VirtualProtect
VirtualUnlock
EnumTimeFormatsW
GetProcessTimes
FileTimeToLocalFileTime
ReadDirectoryChangesW
_hread
GetTapeParameters
MultiByteToWideChar
GetCommModemStatus
SizeofResource
lstrcmpiA
IsDBCSLeadByteEx
SetFileAttributesA
ReadConsoleA
LCMapStringA
GetConsoleMode
GetNumberFormatW
SetHandleCount
CancelIo
GetLongPathNameA
WriteConsoleOutputW
FormatMessageA
GetCurrentProcess
GlobalGetAtomNameW
EnumResourceNamesA
SetLastError
EndUpdateResourceA
SetThreadAffinityMask
AreFileApisANSI
DeleteCriticalSection
RemoveDirectoryW
EnumResourceNamesW
GetVersionExA
WritePrivateProfileSectionA
ExitProcess

user32

SetFocus
DialogBoxIndirectParamW
DrawStateW
ChangeDisplaySettingsA
GetDlgItemTextA
ArrangeIconicWindows
SwapMouseButton
ChangeMenuA
RegisterClassW
MsgWaitForMultipleObjectsEx
EnumDisplayMonitors
wsprintfA
GetTitleBarInfo
DrawStateA
GetDialogBaseUnits
GetDC
OpenIcon
CreateAcceleratorTableA
GetScrollPos
LoadStringW
GetMonitorInfoA
GetIconInfo
GetDlgItemInt
ValidateRect
EnumDisplaySettingsExW
AdjustWindowRectEx
EnumClipboardFormats
GetAncestor
OffsetRect
GetUserObjectInformationW
SetScrollPos
LoadIconW
EnumDesktopWindows
GetClipboardOwner
DialogBoxIndirectParamA
RemovePropA
EnableScrollBar
SetCapture
SendMessageTimeoutW
CreateIconIndirect
GetWindowRgn
PostThreadMessageA
IsCharAlphaNumericW
RegisterWindowMessageW

gdi32

AbortDoc
EqualRgn
RectInRegion
SetBitmapBits
SetWindowOrgEx
GetEnhMetaFileDescriptionA
GetCurrentObject
GetTextExtentPointW
CreateHalftonePalette
GetBkMode
GetStockObject
PathToRegion
StrokePath
CreateBrushIndirect
ChoosePixelFormat
WidenPath
SetDIBColorTable
SetLayout
PtVisible
SetROP2
GetTextExtentExPointA
CreateFontW

advapi32

RegQueryValueExW
GetSecurityDescriptorOwner
DeleteService
NotifyBootConfigStatus
GetFileSecurityA
InitializeAcl
ObjectDeleteAuditAlarmW
RegDeleteValueW
SetSecurityDescriptorOwner
RegisterEventSourceW
RegEnumValueA
ClearEventLogW
AddAccessAllowedAce
GetSecurityDescriptorDacl
RegQueryValueW

shell32

SHGetSpecialFolderPathA
ShellExecuteA
SHGetSettings
Shell_NotifyIconA
SHFileOperationW

ole32

CoRegisterClassObject
OleSaveToStream

oleaut32

SafeArrayPutElement
QueryPathOfRegTypeLi
SysAllocStringLen
SafeArrayRedim
SetErrorInfo

comctl32

ImageList_SetOverlayImage
ImageList_GetDragImage

shlwapi

PathGetCharTypeW
SHRegCloseUSKey
StrStrW
StrPBrkW
PathAddExtensionW
PathIsRootA
PathUnquoteSpacesW
UrlCanonicalizeW

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dfa20a759ca7296a61f584d944beb14d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 232KB - Virtual size: 229KB