279e8c52b3047ac7cf52b7719e7bd8ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

279e8c52b3047ac7cf52b7719e7bd8ea_JaffaCakes118
Size

376KB
MD5

279e8c52b3047ac7cf52b7719e7bd8ea
SHA1

b13891c005c4f88ebfea6be731dbc471cd9c605d
SHA256

f13b3002901d047c306686565a395fb12eec6997aa9f3bc256fa048f0fa4a0f0
SHA512

f9f1ae40e8ecce6b48fb331c607236611657d62ea731c089d8fff870d94c3e42f6f60d77b4b05b3974c261bbe345014906fcc24b59f2686cc0e75fab6e993d37
SSDEEP

6144:nslahnIbRUfyPm23tJL66n4o6IUFHZdsFc6xqaj33KYwWrlV5jTYuVEYwQrm:6aaRUa+29J1rUFsC64ajnKOrlPTp6M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
279e8c52b3047ac7cf52b7719e7bd8ea_JaffaCakes118

Files

279e8c52b3047ac7cf52b7719e7bd8ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c97657c3f4708b2a9023f2d1b38ff9c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
ReleaseSemaphore
GetFullPathNameA
GetVersionExA
GetFileAttributesExA
GetLocaleInfoW
PrepareTape
GetCommModemStatus
CreateEventA
VirtualQueryEx
VirtualProtect
ExitProcess
WritePrivateProfileStringW
DeleteFiber
IsBadReadPtr
_lread
AllocConsole
LocalAlloc
SetProcessWorkingSetSize
SetNamedPipeHandleState
LCMapStringA
FindFirstFileW
lstrcpyA
VirtualLock
IsProcessorFeaturePresent
SetThreadPriorityBoost
SetLastError
CreateDirectoryA
Beep
GetEnvironmentVariableW
ClearCommBreak
GetSystemTimeAsFileTime
GetThreadPriority
SizeofResource
lstrcmpiA
ExitThread
LocalSize
GlobalFree
FreeResource
GetSystemDefaultLangID
CreatePipe
SetConsoleMode
PeekConsoleInputW
GetTapeStatus
LoadLibraryExW
OpenFile
_lclose
GetTempPathW
VirtualAllocEx
FindFirstFileExW
ExpandEnvironmentStringsW
SetThreadLocale
ConnectNamedPipe
SetConsoleCursorPosition
FindCloseChangeNotification
ReadConsoleA
GetThreadContext
GetProcessHeap
UnmapViewOfFile
EnumTimeFormatsW
ReleaseMutex
GetCommandLineA
lstrlenA
SearchPathW

user32

GetMessageTime
EnableScrollBar
PtInRect
InvertRect

gdi32

CreatePalette
GetClipBox
SetAbortProc
EndPath
SelectObject
SetPaletteEntries
CloseMetaFile
CreateBitmapIndirect
SetStretchBltMode
LineTo
GetTextMetricsW
Polygon
PolyPolyline
BitBlt
ExtTextOutW
SetMapperFlags
ScaleWindowExtEx
GetFontData

comdlg32

ChooseColorA
GetFileTitleA

advapi32

SetServiceStatus
CryptVerifySignatureA
InitializeAcl
RegNotifyChangeKeyValue
CryptReleaseContext
CryptExportKey
SetSecurityInfo
OpenSCManagerW
RegisterEventSourceW
ImpersonateNamedPipeClient
RegisterEventSourceA
GetSidSubAuthorityCount
GetSecurityDescriptorControl
QueryServiceConfigA
EnumServicesStatusW
SetSecurityDescriptorDacl
CryptDestroyKey
GetSidLengthRequired
FreeSid
CloseEventLog
GetSecurityDescriptorGroup
ObjectCloseAuditAlarmW
AdjustTokenPrivileges
DestroyPrivateObjectSecurity
RegCreateKeyExW
DeregisterEventSource
GetCurrentHwProfileW
ClearEventLogW
LookupPrivilegeValueW
CryptGetProvParam
AddAccessDeniedAce
StartServiceCtrlDispatcherA
CryptDecrypt
CryptGetHashParam
LookupPrivilegeDisplayNameA
StartServiceCtrlDispatcherW
GetTokenInformation
CryptAcquireContextW

shell32

SHFileOperationA
DragFinish
SHBrowseForFolderA
SHAddToRecentDocs

ole32

OleGetIconOfClass

comctl32

PropertySheetA

shlwapi

StrCatBuffW
PathRemoveBlanksW
SHRegWriteUSValueW

Sections

.text
Size: 336KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c97657c3f4708b2a9023f2d1b38ff9c6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

shlwapi

Sections

.text Size: 336KB - Virtual size: 333KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 32KB - Virtual size: 31KB

.text
Size: 336KB - Virtual size: 333KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 32KB - Virtual size: 31KB