298af79765534bc4c1831d7246c91119_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

298af79765534bc4c1831d7246c91119_JaffaCakes118
Size

328KB
MD5

298af79765534bc4c1831d7246c91119
SHA1

22d40e741816f18876b5fb907b6740e8a9fd9913
SHA256

95e7defec4dea716dd26fca3a7c5669c0ec13bde5201e763a8a83b66ef27bc0f
SHA512

c80cbcf1f261cdb7012d03511d4667b482c0327710b54216904b9786b472963097ba487249fcbeddc7f49f4c37f4e2906774ead58ef449b2a34f9b64827193e4
SSDEEP

6144:7gvwH3qWn/sm4Gs2lriVbQCforZ0jBYinVKNvSIGj4QJxKD6USZoAVTUrtiBQ9zJ:clWEmbiVbQCAKFYiyBGj4YI6++QiB0i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
298af79765534bc4c1831d7246c91119_JaffaCakes118

Files

298af79765534bc4c1831d7246c91119_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e6de9409af1f8b9e8723e356bed061b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQueryEx
GetConsoleScreenBufferInfo
EnumSystemCodePagesW
WideCharToMultiByte
SetEnvironmentVariableW
FreeResource
EnumDateFormatsW
GetCommandLineA
LocalReAlloc
BackupRead
GetPrivateProfileStructA
SetupComm
GetModuleHandleA
WaitNamedPipeW
CreateIoCompletionPort
GetTimeFormatA
_lopen
PeekConsoleInputW
FillConsoleOutputCharacterA
CreateDirectoryA
_lread
GetPrivateProfileIntW
DefineDosDeviceA
CreateNamedPipeA
FindAtomA
GetConsoleCursorInfo
GetNumberFormatW
LocalLock
Beep
GlobalReAlloc
ReadProcessMemory
IsProcessorFeaturePresent
CreateEventW
CreateThread
GlobalAlloc
VirtualAllocEx
GetQueuedCompletionStatus
GetModuleHandleW
GlobalLock
SetEnvironmentVariableA
RemoveDirectoryA
TryEnterCriticalSection
TerminateProcess
PostQueuedCompletionStatus
GetBinaryTypeA
lstrcmpiA
WritePrivateProfileSectionW
SetPriorityClass
GetLocaleInfoW
SetEndOfFile
GetLongPathNameA
LocalAlloc
GetFileInformationByHandle
CreateConsoleScreenBuffer
WriteFile
ClearCommBreak
WaitNamedPipeA
GetSystemTimeAsFileTime
FindAtomW
WriteProfileStringW
GetCommConfig
GlobalHandle
EnumResourceLanguagesA
lstrcpyA
HeapAlloc
GlobalGetAtomNameW
CreateFileMappingW
CreateFileA
_lwrite
GetDiskFreeSpaceW
FindResourceExA
SetThreadExecutionState
GetComputerNameW
VirtualFree
GetCurrentDirectoryW
GetFileAttributesA
GetStringTypeExA
SuspendThread
WritePrivateProfileStringW
ReleaseSemaphore
GetSystemInfo
ResetEvent
GetProfileIntW
QueryDosDeviceW
SystemTimeToFileTime
GetFullPathNameW
GlobalCompact
GetVersionExA
VirtualProtect
GetProcessTimes
ExitProcess

user32

CreateWindowExW
SetUserObjectSecurity
DragDetect
FrameRect
CreateCaret
CloseWindow
GetMenuItemID
GetClassInfoW
GetWindowWord
SendNotifyMessageA
LoadIconA
CopyAcceleratorTableW
SetWindowsHookExW
DestroyAcceleratorTable
GetCursorPos
ScrollDC
DrawFocusRect
InternalGetWindowText
SwapMouseButton
SetDlgItemInt
SetCapture
DialogBoxParamW
EnumDisplaySettingsExW
GetCaretPos
GetDC
SetWindowContextHelpId

gdi32

GetBrushOrgEx
OffsetViewportOrgEx
PtVisible
GetObjectType
SetTextAlign
SetPixel
RealizePalette
SetMapperFlags
BeginPath
SetViewportExtEx
StartDocA
GetViewportExtEx
GetPixelFormat
CreatePatternBrush
PaintRgn
GetROP2
SetBrushOrgEx

comdlg32

ChooseFontA

advapi32

ReportEventA
CryptSetHashParam
InitializeSid
LogonUserA
RegQueryValueW
CryptAcquireContextA
OpenSCManagerA
SetPrivateObjectSecurity
QueryServiceConfigW
SetFileSecurityA
RegCloseKey
GetSecurityInfo
OpenSCManagerW
RegOpenKeyA
QueryServiceStatus
CryptSetProvParam
InitializeSecurityDescriptor
QueryServiceObjectSecurity
SetSecurityDescriptorDacl
CreatePrivateObjectSecurity
OpenThreadToken
ChangeServiceConfigW
QueryServiceConfigA
SetSecurityDescriptorOwner
GetSidLengthRequired
CryptDestroyHash
CreateProcessAsUserA
RegOpenKeyExW
LookupPrivilegeNameA
CryptEncrypt
QueryServiceLockStatusW
DuplicateTokenEx
IsTextUnicode

shell32

DuplicateIcon
ShellAboutA
ShellExecuteExW
DragFinish

ole32

CoMarshalInterface
OleCreateLink
GetHGlobalFromILockBytes

oleaut32

LoadTypeLi
QueryPathOfRegTypeLi
GetActiveObject
VariantChangeType
RegisterTypeLi
SafeArrayGetLBound

comctl32

PropertySheetW
ImageList_GetIconSize

shlwapi

SHRegCloseUSKey
PathRemoveFileSpecA
PathIsUNCServerW
PathCombineA
SHCopyKeyW

setupapi

SetupGetBinaryField
SetupDiBuildDriverInfoList
SetupDiGetClassDescriptionW
SetupGetInfFileListA
SetupDiEnumDriverInfoA
SetupGetTargetPathW
SetupDiSetSelectedDevice
SetupFindFirstLineA
SetupDiDeleteDeviceInfo

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e6de9409af1f8b9e8723e356bed061b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 296KB - Virtual size: 293KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 19KB

.text
Size: 296KB - Virtual size: 293KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 19KB