Static task
static1
Behavioral task
behavioral1
Sample
277333aab75e0286064347fd17e69167_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
277333aab75e0286064347fd17e69167_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
277333aab75e0286064347fd17e69167_JaffaCakes118
Size
336KB
MD5
277333aab75e0286064347fd17e69167
SHA1
4d2759d02d2c3ce61a246fbd8f0e2fd8bc9eaf3b
SHA256
13624faf42ccca758a88f60c664557ad3044af06b9fc973b91513638c0b6da27
SHA512
a6a5ea807bf8fb51d644b5351f9cf2a49cf668655617a7a6c5d4575ca3a4ec7fb586fab67e57ccf22d2111c180bb1c4845e1c4eded9c7b55b7d2a958868f66e1
SSDEEP
6144:2i6HLc/Jr5Clet9QgrfFI34YgnZsTWse2fkVi1tkO:x6QhdClet9Qg234YqsTa2fkV4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 277333aab75e0286064347fd17e69167_JaffaCakes118
Files
277333aab75e0286064347fd17e69167_JaffaCakes118.exe windows:4 windows x86 arch:x86
15c77c78e1d6b5fd5e66a627366bfa13
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStdHandle
ReadConsoleInputA
FindAtomW
EnumSystemCodePagesW
lstrcpyA
GetStartupInfoA
GetACP
HeapReAlloc
SetPriorityClass
ReadConsoleOutputW
GetNumberFormatW
GetThreadSelectorEntry
SwitchToFiber
_lopen
GlobalGetAtomNameW
SizeofResource
DeleteFileW
_lcreat
WaitForMultipleObjectsEx
ConvertThreadToFiber
CreateMutexA
ReadConsoleOutputAttribute
DosDateTimeToFileTime
CompareStringW
CreateEventW
EnumResourceLanguagesW
LocalFileTimeToFileTime
GetPrivateProfileIntW
InitializeCriticalSectionAndSpinCount
BackupRead
VirtualQueryEx
QueryPerformanceCounter
GetStringTypeExW
CompareFileTime
SetThreadPriorityBoost
CallNamedPipeA
VirtualAlloc
GetLocaleInfoA
FreeEnvironmentStringsW
OutputDebugStringW
FindResourceW
GetCurrentProcessId
FindNextFileW
GlobalFlags
EnumResourceNamesW
CreateFileW
GetModuleHandleA
GetPrivateProfileSectionA
LocalFree
TlsAlloc
UpdateResourceA
SetFileAttributesW
FormatMessageA
CreateMutexW
GetExitCodeThread
FlushConsoleInputBuffer
FreeConsole
TlsGetValue
CreateDirectoryW
WriteConsoleW
GetVersionExA
CreateWaitableTimerA
SetUnhandledExceptionFilter
CreateWaitableTimerW
GetWindowsDirectoryW
lstrcmpA
_llseek
GetProcessWorkingSetSize
WaitForMultipleObjects
ScrollConsoleScreenBufferW
FindClose
lstrcatW
GetTempPathA
GetConsoleTitleA
GlobalUnlock
ReadConsoleOutputA
SetConsoleTitleA
ReleaseMutex
GetNumberOfConsoleInputEvents
GlobalHandle
IsBadWritePtr
LockFile
WriteProcessMemory
FindFirstFileA
SetEvent
CreateConsoleScreenBuffer
OpenFileMappingW
GlobalAddAtomA
VirtualQuery
SearchPathA
VirtualFree
GetNumberFormatA
CreateDirectoryExA
MoveFileA
CreateDirectoryA
lstrcpynW
GetTimeFormatW
GetDriveTypeW
GetTickCount
OpenSemaphoreW
WriteConsoleOutputW
GetProfileIntA
FindCloseChangeNotification
AllocConsole
GlobalGetAtomNameA
EnumSystemLocalesA
SetCurrentDirectoryA
SetLocalTime
GetCommandLineA
lstrlenA
VirtualProtect
SystemTimeToFileTime
ExitProcess
user32
SetTimer
LoadMenuIndirectW
CharPrevW
EnumDesktopsA
InSendMessage
PostMessageA
InsertMenuW
GetClipboardFormatNameW
DestroyIcon
ValidateRgn
FindWindowExW
InvalidateRect
EqualRect
GetGuiResources
EmptyClipboard
DeferWindowPos
GetWindowLongW
DrawCaption
SwitchToThisWindow
CharUpperA
CreateAcceleratorTableA
GetMenuItemInfoA
CallWindowProcA
EndDeferWindowPos
GetWindowInfo
SetLastErrorEx
OemKeyScan
gdi32
SetDIBColorTable
RestoreDC
CreateEllipticRgn
RealizePalette
GetMetaFileBitsEx
advapi32
GetServiceDisplayNameA
ReportEventA
CryptGetHashParam
SetSecurityDescriptorOwner
RegCreateKeyExA
CopySid
CryptDecrypt
RegEnumKeyA
RegRestoreKeyW
RegEnumKeyExW
InitiateSystemShutdownW
LogonUserW
RegConnectRegistryA
RegDeleteKeyW
GetNamedSecurityInfoA
RegCloseKey
ImpersonateSelf
CryptGetKeyParam
RegOpenKeyExW
AbortSystemShutdownA
MakeSelfRelativeSD
CryptExportKey
RegFlushKey
BuildTrusteeWithSidW
SetThreadToken
RegUnLoadKeyA
AllocateLocallyUniqueId
LookupAccountNameW
GetServiceDisplayNameW
LookupPrivilegeValueA
RegEnumValueA
CryptSignHashW
RegNotifyChangeKeyValue
CryptEncrypt
SetEntriesInAclW
SetSecurityDescriptorSacl
GetSecurityDescriptorControl
ObjectCloseAuditAlarmA
InitiateSystemShutdownA
GetSecurityInfo
ole32
CoGetCallContext
CoTaskMemAlloc
OleCreateMenuDescriptor
OleConvertIStorageToOLESTREAM
oleaut32
VariantCopy
SafeArrayGetElement
SysReAllocStringLen
VariantClear
QueryPathOfRegTypeLi
VariantInit
VariantChangeTypeEx
SafeArrayCreate
comctl32
ImageList_BeginDrag
ImageList_Create
ImageList_Replace
ImageList_AddMasked
shlwapi
SHRegCloseUSKey
PathStripToRootA
PathIsPrefixW
PathIsSameRootW
PathIsRootA
StrChrW
StrChrA
SHCreateStreamOnFileW
StrCmpNW
StrStrA
setupapi
SetupGetInfFileListA
SetupDiCreateDeviceInfoA
SetupIterateCabinetA
SetupDiGetDeviceInstallParamsW
Sections
.text Size: 292KB - Virtual size: 288KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE