274ecf823b97f1bdd4cc664d5f2d8071_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

274ecf823b97f1bdd4cc664d5f2d8071_JaffaCakes118
Size

252KB
MD5

274ecf823b97f1bdd4cc664d5f2d8071
SHA1

b699930082e945473d024d828c08b573ae5e3061
SHA256

c69b28379507fd2bbd70ad693ddf438fa3f2942c5eea0e26817ed97a87c40e90
SHA512

6d9c88be0919415fc189ca217cc0c55091f667abb2af507ca82fedcd4f131ce2d210e8976452d21b1942d2cb66311607c286f9e763e9ff6460380ee27f795846
SSDEEP

6144:RHsniMw2pp/VqcG2Ghoahx6CbjZtdDvXvxwFziH:Raw2pNVqF28fXNPvMzi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
274ecf823b97f1bdd4cc664d5f2d8071_JaffaCakes118

Files

274ecf823b97f1bdd4cc664d5f2d8071_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6935671d76848c1074c94d0712c8294c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFileTimeToFileTime
Beep
FindNextChangeNotification
SuspendThread
WriteFile
GetCommandLineW
CreatePipe
CompareStringW
SetErrorMode
SetEnvironmentVariableA
GetEnvironmentStringsW
GetShortPathNameW
WriteConsoleOutputW
MultiByteToWideChar
GetSystemTimeAdjustment
EnumResourceNamesW
GetOverlappedResult
GetBinaryTypeA
GetProcessHeap
SetConsoleMode
GetNumberFormatW
GetEnvironmentVariableW
GetDriveTypeW
GetOEMCP
EnumSystemCodePagesW
VirtualProtect
FindCloseChangeNotification
ReadFileScatter
SystemTimeToFileTime
RemoveDirectoryA
GetHandleInformation
GetModuleHandleA
lstrcmpiW
SetThreadLocale
WritePrivateProfileSectionA
OutputDebugStringA
GenerateConsoleCtrlEvent
WritePrivateProfileStructA
GetLargestConsoleWindowSize
GetCommState
FreeLibraryAndExitThread
OpenFile
SetProcessShutdownParameters
PrepareTape
GetConsoleCursorInfo
SetConsoleActiveScreenBuffer
GetProfileStringA
CreateMutexA
SetConsoleOutputCP
IsValidLocale
GlobalFindAtomW
VirtualUnlock
GetCommModemStatus
VirtualAllocEx
GetStartupInfoA
ClearCommBreak
GetCPInfo
WritePrivateProfileStringA
CreateProcessA
EnumDateFormatsW
GetCommandLineA
GetVersionExA
lstrlenA
VirtualAlloc
GetWindowsDirectoryA
ExitProcess

user32

wvsprintfW
DefDlgProcA
PostThreadMessageW
TabbedTextOutA
CreateCaret
CheckDlgButton
GetWindowPlacement
PostMessageW
RedrawWindow
NotifyWinEvent
LoadMenuIndirectW
IsCharLowerA
ChangeDisplaySettingsW
CharNextW
GetWindowLongA
SetScrollPos
IsIconic
CreateCursor
BeginPaint
SetWindowWord
GetWindowTextA
GrayStringW
WinHelpA
SetRect
EndPaint
ChangeClipboardChain
GetDesktopWindow
TranslateMessage
ToUnicodeEx
IsCharAlphaNumericA
CharNextExA
InflateRect
GetSubMenu
RegisterWindowMessageA
OpenInputDesktop
SetWindowRgn
CheckMenuRadioItem
GetKeyboardState
GetDlgItemTextW
UnionRect
CopyAcceleratorTableW
GetSystemMetrics
GetAsyncKeyState
GetUpdateRgn
wvsprintfA
MapDialogRect
MonitorFromRect
GetKeyboardType
CheckRadioButton
UnhookWindowsHookEx
GetDlgItemTextA
SendMessageW
ModifyMenuA

gdi32

SetViewportExtEx
ResizePalette
Escape
AbortDoc
RemoveFontResourceW
GetTextExtentPointW
CreatePen
SetTextCharacterExtra
Pie
GetDIBits
ExtFloodFill
SetWorldTransform

comdlg32

ChooseFontW

advapi32

GetTokenInformation
RegEnumKeyA
RegDeleteValueW
RegEnumKeyExW
AddAce
AccessCheckAndAuditAlarmW
SetFileSecurityW
RegConnectRegistryA
ObjectCloseAuditAlarmA
QueryServiceStatus
CryptGenRandom
GetSidSubAuthority
ImpersonateLoggedOnUser
GetUserNameW
AllocateAndInitializeSid
RegUnLoadKeyA
RegOpenKeyA
CryptAcquireContextA
CryptGetHashParam
CryptSignHashW
RegDeleteKeyW
CreateProcessAsUserW
DuplicateTokenEx

shell32

FindExecutableA

ole32

OleCreateLink
ProgIDFromCLSID
OleRegGetMiscStatus
CoInitializeEx
CreateBindCtx
OleSetMenuDescriptor
GetRunningObjectTable
OleSetClipboard
MkParseDisplayName

oleaut32

SafeArrayGetLBound
LoadTypeLibEx
SafeArrayPutElement
SafeArrayGetElement
SetErrorInfo
SafeArrayCreate

comctl32

PropertySheetA
ImageList_EndDrag

shlwapi

PathQuoteSpacesW
StrFormatByteSize64A
SHCreateStreamOnFileW
PathRemoveBackslashA
PathRemoveFileSpecA
StrFormatByteSizeW
PathRenameExtensionW
PathFileExistsW
PathStripToRootA
AssocQueryStringW
PathIsRootA
PathIsRelativeW
SHGetValueW
PathRelativePathToW
UrlGetPartA
HashData

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6935671d76848c1074c94d0712c8294c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 232KB - Virtual size: 228KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 232KB - Virtual size: 228KB