27904fc0151e3a69d8d77169bf405a5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27904fc0151e3a69d8d77169bf405a5e_JaffaCakes118
Size

332KB
MD5

27904fc0151e3a69d8d77169bf405a5e
SHA1

f94d82ced0a27c7a9a25424382b64a7b82b111f9
SHA256

96e3a156288fdc04e3cf9b8de128b3902d3c30a77db07ef3299c12ec1854917f
SHA512

6703050f0c510547b2eca649f300f77f696eacff18c7cbb7040b8ef1f016e8ca3d5aa74e7626bf75839d54b69a39b8ef89c5ae14696b2c40ae2de46444a66209
SSDEEP

6144:frVdNrGqYObswHJBjrCgZ9EBb0M5sSJdsfqKAkTKr1YS/tgiZSKsSVyjcy8aBSGj:frVzTzgIJp+gZ+l1sSJdsfxVTG1giZIN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27904fc0151e3a69d8d77169bf405a5e_JaffaCakes118

Files

27904fc0151e3a69d8d77169bf405a5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4bb87c85fb76d9ffacf6aa507e245a28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetSystemDirectoryW
EnumCalendarInfoW
FindResourceExA
SetFileApisToOEM
GetWindowsDirectoryA
ConnectNamedPipe
_lwrite
_lclose
MoveFileW
ReadConsoleA
HeapAlloc
LocalReAlloc
IsValidLocale
GetConsoleTitleA
GetUserDefaultLangID
WriteFileEx
GetCommandLineA
GetThreadTimes
ReadConsoleOutputAttribute
WriteConsoleInputA
MulDiv
GetNumberOfConsoleInputEvents
VirtualProtect
ExitProcess

user32

SubtractRect
SendDlgItemMessageW
RegisterWindowMessageA
SetFocus
IsDialogMessageA
OemToCharBuffA
SendMessageW
IsCharLowerW
SetRectEmpty
ChangeDisplaySettingsExA
GetLastActivePopup
SetUserObjectSecurity
PeekMessageA
CreateIcon
PostQuitMessage
AdjustWindowRect
GetKeyboardType
DrawStateA
GetMenuStringA
UnregisterHotKey
EnumDisplaySettingsW
RedrawWindow
DeleteMenu
GetNextDlgTabItem
WaitMessage
GetSubMenu
GetScrollPos
GetMenuItemInfoA
CreateDialogIndirectParamA
GetShellWindow
LoadIconA
MenuItemFromPoint
DestroyAcceleratorTable
CreateWindowExA
CharLowerA
GetNextDlgGroupItem
GetProcessDefaultLayout
RegisterDeviceNotificationA
BeginDeferWindowPos
CharNextExA

gdi32

CreateEnhMetaFileW
GetWinMetaFileBits
GetSystemPaletteEntries
GetSystemPaletteUse
DeleteObject
CreateSolidBrush
GetLayout
GetEnhMetaFileBits
OffsetViewportOrgEx
OffsetWindowOrgEx
CreateCompatibleDC
GetNearestColor
PtVisible
CreatePatternBrush
SetMapperFlags
SelectObject
GetFontLanguageInfo
CreateEllipticRgnIndirect
GetStockObject
GetTextFaceW
CreateDIBSection

comdlg32

ChooseColorW
GetOpenFileNameA

advapi32

DeleteAce
CryptImportKey
GetCurrentHwProfileW
CryptHashData
RegDeleteKeyW
GetSecurityInfo
RegisterServiceCtrlHandlerA
RegFlushKey
ChangeServiceConfigA
GetSecurityDescriptorGroup
StartServiceW
RegCreateKeyExA
RegEnumKeyW
GetNamedSecurityInfoA
AllocateAndInitializeSid
SetPrivateObjectSecurity
DuplicateTokenEx
GetUserNameA
LogonUserA
LogonUserW
QueryServiceConfigA
AddAccessAllowedAce
SetSecurityDescriptorSacl
BuildTrusteeWithSidW
UnlockServiceDatabase
GetLengthSid
QueryServiceLockStatusW
CryptDestroyKey
RegCreateKeyW
CloseEventLog
CreateServiceA
RegQueryValueA
RegSetKeySecurity

shell32

Shell_NotifyIconA
ExtractIconExA
SHChangeNotify
SHGetPathFromIDListW
DragFinish
DuplicateIcon

ole32

OleUninitialize
StgOpenStorageEx
ReadClassStm
CoLockObjectExternal

oleaut32

VariantInit
CreateErrorInfo
VariantChangeType
SafeArrayCreateVector
SafeArrayPtrOfIndex
SysAllocString
SafeArrayPutElement
SafeArrayGetElement

comctl32

ImageList_BeginDrag
ImageList_SetDragCursorImage

shlwapi

SHStrDupW
PathCanonicalizeA
SHCreateStreamOnFileW
ChrCmpIW
UrlCombineW
StrChrIW
PathRelativePathToA
StrPBrkW
PathGetCharTypeA
PathRemoveBlanksA
PathRemoveBlanksW
PathIsUNCServerW

setupapi

SetupDiEnumDriverInfoW
SetupIterateCabinetA
SetupDiEnumDeviceInterfaces
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceRegistryPropertyW

Sections

.text
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4bb87c85fb76d9ffacf6aa507e245a28

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 280KB - Virtual size: 276KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 40KB - Virtual size: 38KB

.text
Size: 280KB - Virtual size: 276KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 40KB - Virtual size: 38KB