286eb21fde9250793f2053fc4f2b767d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

286eb21fde9250793f2053fc4f2b767d_JaffaCakes118
Size

292KB
MD5

286eb21fde9250793f2053fc4f2b767d
SHA1

783980f3084a0f2e318336a7f944bfa6b37f741e
SHA256

a9afc53edcc8444f83a887e587a9a09f9b08aae4fb842951d8872790983b8eba
SHA512

791fca61af5a1a2fc8d9216031ddf2746ddfa763dd59cb3c0aa44c18b07aedcc6d3c84bbd924aa8e4d411505a2cc8c24dd037a0f33dc1f0a9a105814b834e772
SSDEEP

6144:IrzxNOUpc65LHXDW3xW/ZNI94nVnORqB4RZcs+oIST28A:ORpc8DW3xWRiSVnORqB4RJ0Six

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
286eb21fde9250793f2053fc4f2b767d_JaffaCakes118

Files

286eb21fde9250793f2053fc4f2b767d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0bbd70ab5a0932ee82ab105242a0fb37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateRemoteThread
ClearCommBreak
CopyFileExW
VirtualAllocEx
SetEndOfFile
WriteProcessMemory
WaitForSingleObject
GetBinaryTypeW
DeleteFileW
MoveFileW
GetProfileIntA
GlobalReAlloc
GetTimeFormatA
GlobalAlloc
QueueUserAPC
TransactNamedPipe
AddAtomA
WriteFile
WritePrivateProfileStructA
GetDateFormatW
GetProcessTimes
GetSystemTimeAsFileTime
WideCharToMultiByte
SetNamedPipeHandleState
EscapeCommFunction
GetFullPathNameA
GetStdHandle
WriteConsoleA
SetConsoleTextAttribute
ClearCommError
GetTapeParameters
FileTimeToSystemTime
WritePrivateProfileStringW
GetShortPathNameA
GenerateConsoleCtrlEvent
OpenSemaphoreW
GetModuleFileNameW
SetCommMask
GlobalFindAtomA
SetFileAttributesW
RemoveDirectoryA
SetEnvironmentVariableW
ExitThread
GetDriveTypeA
GetNamedPipeInfo
GetLargestConsoleWindowSize
WriteConsoleOutputW
LockResource
WaitCommEvent
CallNamedPipeW
FillConsoleOutputCharacterA
FormatMessageW
EnumTimeFormatsW
GetFullPathNameW
SwitchToFiber
FindResourceW
GetProcessVersion
GetNumberFormatA
LocalAlloc
OpenEventA
SetFileTime
IsBadWritePtr
SetFileApisToOEM
GetPrivateProfileStructA
SetFilePointer
GlobalAddAtomW
GetProfileStringA
UnmapViewOfFile
VirtualUnlock
lstrlenW
GetConsoleCP
SuspendThread
WriteTapemark
EnumResourceLanguagesW
HeapAlloc
CompareStringA
GetOEMCP
FlushViewOfFile
OutputDebugStringW
PostQueuedCompletionStatus
FreeEnvironmentStringsA
GetEnvironmentStringsW
CreateDirectoryA
CreateDirectoryExA
InterlockedIncrement
WaitForMultipleObjects
WriteFileGather
VirtualProtect
GetDiskFreeSpaceExA
WaitNamedPipeW
GetVolumeInformationA
Beep
GetUserDefaultLangID
GlobalFree
GetExitCodeThread
GetCurrentThreadId
GetConsoleScreenBufferInfo
SetEvent
OpenFile
MoveFileA
FileTimeToDosDateTime
BackupWrite
DefineDosDeviceA
ReadFileScatter
GetFileInformationByHandle
IsValidLocale
SetThreadIdealProcessor
GetStringTypeW
GlobalDeleteAtom
GetDriveTypeW
GetCommTimeouts
DeleteFiber
TlsSetValue
GetVersionExA
GetCommandLineA
ReadConsoleOutputA
ExitProcess

user32

GetWindowContextHelpId
wsprintfW
GetMenuStringA
DrawIcon
GetMenuItemCount
CopyAcceleratorTableW
DeleteMenu
RegisterDeviceNotificationA
SetThreadDesktop
CharUpperW
ExitWindowsEx
GetWindowPlacement
ValidateRgn
SetFocus
MessageBeep
DefWindowProcA
GetNextDlgTabItem
GetKeyboardLayoutList
GetAncestor
GetKeyboardLayoutNameA
GetUserObjectInformationA
RegisterDeviceNotificationW
IsCharUpperW
SetUserObjectInformationW
ShowCursor
SetProcessWindowStation
PeekMessageW
GetDCEx
RegisterClipboardFormatW
SetWindowRgn
GetMessageTime
CreateIconFromResource
SetScrollPos
IsCharAlphaA
SetWindowLongA
SetSysColors
SetMessageQueue
RemoveMenu
GetMenuStringW
CopyIcon
GetNextDlgGroupItem
DialogBoxParamW
OpenClipboard
CharLowerBuffW
IsCharLowerA
IsWindow
EnableWindow
ChildWindowFromPoint
ShowScrollBar
OemToCharBuffA
SetClipboardData
IntersectRect
SetWindowsHookW
FrameRect
IsChild
EnumThreadWindows
GetMessageA
SetWindowPos
PostQuitMessage
CreateDialogIndirectParamW
FindWindowW
ActivateKeyboardLayout

gdi32

SelectPalette
EndPage
GetPaletteEntries
SelectObject
EndDoc
GetSystemPaletteUse
CreateDCW
ExtFloodFill
InvertRgn
GetViewportOrgEx
FillRgn
GetCurrentPositionEx
Rectangle
GetMetaFileBitsEx
SetBkColor
MaskBlt

advapi32

GetExplicitEntriesFromAclW
CreateProcessAsUserA
CryptAcquireContextA
LookupAccountSidW
GetNamedSecurityInfoA
CryptDecrypt
StartServiceA
GetServiceDisplayNameW
CryptImportKey

shell32

SHGetSpecialFolderPathW
SHGetDesktopFolder
SHChangeNotify
ExtractIconExW
Shell_NotifyIconA
ExtractAssociatedIconW

ole32

WriteClassStm
IsAccelerator
CoSetProxyBlanket
StringFromIID
DoDragDrop
CoUninitialize
CoInitialize
OleGetIconOfClass
OleCreateFromData
GetHGlobalFromStream

oleaut32

SafeArrayGetElement
SysAllocStringLen
SysStringLen
SysReAllocStringLen
DispGetIDsOfNames
SafeArrayGetUBound
QueryPathOfRegTypeLi
VariantClear
VariantChangeType
GetActiveObject

comctl32

ImageList_Replace

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiSetSelectedDriverW
SetupDiSetDeviceInstallParamsW
SetupDiCreateDeviceInfoA
SetupPromptReboot
SetupDiGetClassDescriptionExA
SetupGetLineCountA
SetupTermDefaultQueueCallback
SetupGetStringFieldW

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0bbd70ab5a0932ee82ab105242a0fb37

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

setupapi

Sections

.text Size: 276KB - Virtual size: 274KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 276KB - Virtual size: 274KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 2KB