271730a310755db87b5e98fe95a88c94_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

271730a310755db87b5e98fe95a88c94_JaffaCakes118
Size

236KB
MD5

271730a310755db87b5e98fe95a88c94
SHA1

510039039c3fad9b68c6620536d6b0dbefb09063
SHA256

d29f440f93e044dc75f330fa6cf9791f9a0dcdef5e2fbd62f4e88ded6c18afb9
SHA512

f490f26d27a4222f821b90e37fbfdb3280dfe6b5b7a25f18122289a095b77324dfe0a985cf34d043453618ba785f7eb7aaf896f10f094cd40ef9897b235d87da
SSDEEP

3072:VnRamlw/xLgcQO98398t62ZM+Amn9q5Uad2xe9:NRrw5UcQztrlFbtd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
271730a310755db87b5e98fe95a88c94_JaffaCakes118

Files

271730a310755db87b5e98fe95a88c94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53883aee7abcc764e0dc0fdf3b0d7737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
ReadFile
FlushFileBuffers
WriteFile
GetVersionExA
LocalFree
LocalAlloc
GetCurrentThread
GetProcAddress
GetModuleHandleW
GetUserDefaultLangID
GetModuleFileNameW
GetModuleHandleA
GetCurrentProcessId
MultiByteToWideChar
GetModuleFileNameA
FreeLibrary
LoadLibraryW
CreateFileW
SetFilePointer
CreatePipe
DuplicateHandle
SetNamedPipeHandleState
GetTempPathW
Sleep
WideCharToMultiByte
GetStartupInfoW
CreateProcessW
WaitForSingleObject
CloseHandle
GetCommandLineW
GetCurrentProcess
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
InterlockedExchange
GetLocaleInfoA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
GetACP
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
GetCPInfo
GetOEMCP
GetStdHandle
SetHandleCount
TerminateProcess
IsBadWritePtr
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
SetStdHandle
GetFileType
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
ExitProcess
SetUnhandledExceptionFilter
VirtualQuery
HeapCreate
VirtualFree
VirtualAlloc

advapi32

RegOpenKeyExA
LookupPrivilegeValueW
RegOpenKeyExW
RegEnumKeyA
RegQueryValueExA
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
RevertToSelf
RegOpenKeyW
RegCloseKey
RegQueryValueExW
OpenProcessToken
AdjustTokenPrivileges

user32

MessageBoxW
OffsetRect
CopyRect
ExitWindowsEx
SetWindowPos
PostQuitMessage
CreateDialogParamW
ShowWindow
IsDialogMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
MsgWaitForMultipleObjects
DestroyWindow
GetDlgItem
SendMessageW
SetDlgItemTextW
GetDesktopWindow
GetWindowRect

comctl32

ord17

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

53883aee7abcc764e0dc0fdf3b0d7737

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comctl32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 160KB - Virtual size: 228KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 160KB - Virtual size: 228KB