299ba384b45936d2c3f79792eea341f0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

299ba384b45936d2c3f79792eea341f0_JaffaCakes118
Size

344KB
MD5

299ba384b45936d2c3f79792eea341f0
SHA1

0fc5608a6a7a2d6c7ae348472ef4e580c2466562
SHA256

0cf4fb925492d5e6a4bc61734af967f6ecb1ab8c76c0d6c10a48e17b78cdcc56
SHA512

962cce9f88560f1fc8976bda65b9f0578c2bbb7123f7f14a3cf3144b42b3ca9f6c25fb9c49103619e2f607cf6e5dad9cdfb604b8efa6e9adf09c64bc5e233b07
SSDEEP

6144:s7NWd0pT1tFcLj+jkkNn+HPhVvBMHwbTjfU5ZWhHI7gznxIo9VvtYtkG44R+V:sxW2pBtyyNpyzBMHwXjsb4HZznxI0k1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
299ba384b45936d2c3f79792eea341f0_JaffaCakes118

Files

299ba384b45936d2c3f79792eea341f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a45907f712549f23a771f0f3f4f87d2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
FreeEnvironmentStringsA
SetThreadLocale
GetCurrentDirectoryW
GetLogicalDriveStringsA
GetShortPathNameW
ReadFile
GetDiskFreeSpaceExA
PulseEvent
ReadFileScatter
EnumSystemCodePagesA
DuplicateHandle
lstrcatW
GetConsoleCursorInfo
CopyFileExW
FreeLibrary
QueryDosDeviceA
OpenFile
SetEnvironmentVariableW
SetEvent
GetConsoleMode
UnhandledExceptionFilter
RemoveDirectoryW
CreateEventA
VirtualQuery
SetVolumeLabelA
GetNumberFormatW
VirtualAlloc
GetVersion
WritePrivateProfileStructA
GetTapeParameters
FlushFileBuffers
LoadLibraryExW
DosDateTimeToFileTime
FreeLibraryAndExitThread
IsDBCSLeadByteEx
GetUserDefaultLangID
PeekConsoleInputW
VirtualQueryEx
GetSystemDefaultLangID
GetOEMCP
VirtualUnlock
GetSystemTimeAdjustment
EnumCalendarInfoW
SetHandleCount
DeleteFiber
GetOverlappedResult
GetEnvironmentVariableW
CreateIoCompletionPort
PurgeComm
lstrcmpiW
GetComputerNameW
GlobalAddAtomW
IsBadReadPtr
GetVersionExA
EnumResourceLanguagesW
LocalAlloc
CreateDirectoryExA
GenerateConsoleCtrlEvent
SetThreadAffinityMask
SetCommMask
DeleteCriticalSection
SetProcessWorkingSetSize
UnmapViewOfFile
_llseek
WritePrivateProfileStringW
EnumDateFormatsW
GetLongPathNameA
LocalSize
WritePrivateProfileSectionA
IsProcessorFeaturePresent
SetConsoleTitleA
GetDriveTypeA
GetACP
GetProfileStringA
GetCommandLineA
VirtualProtect
VirtualFree
ExitProcess

user32

GetDlgCtrlID
CreateDialogParamW
EnumClipboardFormats
SetWindowLongA
UnhookWindowsHookEx
GetWindowInfo
CreatePopupMenu
LoadKeyboardLayoutW
GetActiveWindow
ValidateRect
LoadBitmapA
ReplyMessage
GetCapture
ReleaseDC
GetClassInfoA
CreateMDIWindowW
RegisterClassExW
SendMessageTimeoutW
SetThreadDesktop
MonitorFromRect
GetMenu
UnionRect
GetMonitorInfoW
EndPaint
DeleteMenu
CharLowerBuffA
HideCaret
SetMenu
TrackMouseEvent
TabbedTextOutW
ChangeMenuA
SendMessageTimeoutA
FindWindowW
CallNextHookEx
SetRectEmpty
DestroyWindow
EnumWindowStationsW
GetDlgItem
MessageBeep
SetWindowContextHelpId
GetFocus
DeferWindowPos

gdi32

CreateHatchBrush
GetMetaFileBitsEx
GdiComment
SetBrushOrgEx
StretchDIBits
GetLayout
SetDIBColorTable
LineTo
GetSystemPaletteUse
UpdateColors
ExtTextOutW

advapi32

InitializeAcl
EnumDependentServicesW
CryptSetKeyParam
RegUnLoadKeyW
GetCurrentHwProfileW
PrivilegeCheck
GetNamedSecurityInfoA
ObjectCloseAuditAlarmA
AllocateLocallyUniqueId

shell32

FindExecutableA

oleaut32

SafeArrayPutElement
SafeArrayGetElement

comctl32

ImageList_SetBkColor

shlwapi

PathFindExtensionW
PathCompactPathW
PathStripPathW
SHRegGetUSValueW
PathIsRelativeW

setupapi

SetupDiEnumDeviceInterfaces
SetupFindFirstLineA
SetupDiOpenDevRegKey
SetupInitDefaultQueueCallback

Sections

HLNEJA
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UEFLG
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

dZKbxc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LNmTa
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a45907f712549f23a771f0f3f4f87d2a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

comctl32

shlwapi

setupapi

Sections

HLNEJA Size: 296KB - Virtual size: 294KB

UEFLG Size: 8KB - Virtual size: 4KB

dZKbxc Size: 4KB - Virtual size: 2KB

LNmTa Size: 32KB - Virtual size: 31KB

HLNEJA
Size: 296KB - Virtual size: 294KB

UEFLG
Size: 8KB - Virtual size: 4KB

dZKbxc
Size: 4KB - Virtual size: 2KB

LNmTa
Size: 32KB - Virtual size: 31KB