2711a4a14ea127c4576660684401e1e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2711a4a14ea127c4576660684401e1e1_JaffaCakes118
Size

428KB
MD5

2711a4a14ea127c4576660684401e1e1
SHA1

13bd42801f7dd765400679b231a603756aadd9ca
SHA256

f777e99a5fe234a762dc3a5c81165ae52316d4662e63907be3c474522ab5bb4a
SHA512

d5e77e77807224a86bd53f30708b9d6a7940df18e96fe99d2ae636380209bd0ecdc8a36810eddcf44e2e52b20605153ac67d6128372ae1e84a6e80bebbe25e80
SSDEEP

12288:28IGV+jRPgQuFmfxJzpsO2JjMAFfVkQAGj:zIGABgQukf7zpshLViGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2711a4a14ea127c4576660684401e1e1_JaffaCakes118

Files

2711a4a14ea127c4576660684401e1e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

837d8b20cafcd4b96302ad38ec00f68b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
SetProcessShutdownParameters
GetCompressedFileSizeW
SetNamedPipeHandleState
SetThreadPriorityBoost
GetPrivateProfileStringA
GetHandleInformation
GetShortPathNameA
CloseHandle
LoadLibraryExA
GetCommandLineA
_hread
SetCommTimeouts
EnumSystemCodePagesW
GetNumberFormatW
GetCommandLineW
IsValidLocale
EnumTimeFormatsW
FindFirstFileExW
SearchPathW
GetBinaryTypeA
GetLocaleInfoW
PrepareTape
MultiByteToWideChar
DuplicateHandle
TlsGetValue
LeaveCriticalSection
GetPrivateProfileStringW
GetDriveTypeW
SetEnvironmentVariableA
ClearCommBreak
GetDateFormatA
InitializeCriticalSection
CancelIo
ReadConsoleInputW
GetTapeParameters
UnmapViewOfFile
GetProcessTimes
_llseek
GetShortPathNameW
OutputDebugStringA
FileTimeToLocalFileTime
SetEnvironmentVariableW
FillConsoleOutputCharacterA
RemoveDirectoryW
LocalAlloc
IsBadStringPtrA
GetModuleHandleA
GetCommModemStatus
ReadFileScatter
QueryDosDeviceA
GetTapeStatus
OpenFile
GenerateConsoleCtrlEvent
GetLogicalDriveStringsA
WriteConsoleOutputW
SwitchToFiber
GetCurrentProcessId
GetTimeZoneInformation
SetCurrentDirectoryA
GetConsoleCursorInfo
FindResourceExW
EnumDateFormatsW
GetVersionExA
VirtualAlloc
LoadResource
ExitProcess

user32

RegisterClipboardFormatA
GetKeyNameTextW
SetScrollInfo
CharPrevW
CharUpperBuffA
SetMenuDefaultItem
IsDlgButtonChecked
GetProcessWindowStation
CharToOemW
SetMenuItemInfoA

gdi32

StrokeAndFillPath
GetTextExtentPoint32A
CloseEnhMetaFile
LineTo
IntersectClipRect
SetPolyFillMode
CreateEnhMetaFileW
StretchBlt
GetTextFaceA
EnumObjects
ExtCreatePen
SetTextJustification
GetSystemPaletteEntries
GetViewportOrgEx
CreateRectRgnIndirect
CreateFontW
SetViewportExtEx

comdlg32

GetSaveFileNameA
ChooseFontA
ChooseFontW
ChooseColorW

advapi32

CryptGetUserKey
NotifyChangeEventLog
RegRestoreKeyA
NotifyBootConfigStatus
OpenThreadToken
GetAce
RegisterEventSourceW
CryptAcquireContextW
CryptImportKey
GetSecurityDescriptorLength
RegLoadKeyW
CryptDestroyHash
OpenServiceW
DuplicateTokenEx
CreateServiceA
GetUserNameW
GetExplicitEntriesFromAclW
LookupPrivilegeDisplayNameA
CryptDestroyKey
RegDeleteValueA
RegLoadKeyA
GetServiceDisplayNameW
AllocateLocallyUniqueId
SetEntriesInAclW
RegRestoreKeyW
GetSecurityDescriptorGroup
RegisterServiceCtrlHandlerW
DestroyPrivateObjectSecurity
BuildTrusteeWithNameW
SetSecurityDescriptorDacl
AdjustTokenPrivileges
SetPrivateObjectSecurity
RegCreateKeyExW
SetThreadToken
RegEnumKeyExA
GetSidLengthRequired
RegQueryValueW

shell32

SHLoadInProc

ole32

CoInitializeEx
CoResumeClassObjects
CreateOleAdviseHolder

oleaut32

SafeArrayPutElement
SysAllocStringLen
LoadTypeLi
QueryPathOfRegTypeLi
SetErrorInfo

Sections

gmcks
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

uikcma
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

uegwe
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

imgoqoy
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

837d8b20cafcd4b96302ad38ec00f68b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

gmcks Size: 336KB - Virtual size: 335KB

uikcma Size: 8KB - Virtual size: 4KB

uegwe Size: 44KB - Virtual size: 43KB

imgoqoy Size: 36KB - Virtual size: 33KB

gmcks
Size: 336KB - Virtual size: 335KB

uikcma
Size: 8KB - Virtual size: 4KB

uegwe
Size: 44KB - Virtual size: 43KB

imgoqoy
Size: 36KB - Virtual size: 33KB