287b34da8b036afd0358e6a6fb5a5716_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

287b34da8b036afd0358e6a6fb5a5716_JaffaCakes118
Size

344KB
MD5

287b34da8b036afd0358e6a6fb5a5716
SHA1

76892ffa2be76e5c5be85cfb0c954b152ccc4646
SHA256

7cc1318a43d4de249029c403f9a224750e349431e3bf636312f6a22d4320e7f0
SHA512

b24ed872f78d3fb9749f60cdb0a3ee45855b4c341e797888c681c8c5612f0cebd7a98bbf96e52b1b7020c64216f9edb8294873cfc04905a0383f7d0d4c55b4f7
SSDEEP

6144:QPE5xIXaEWPxS684eEMITh+gE0hGHkbZGKgetEwcq8s5IUH7Cn:kE5xxEWG4ZMIwgnhdGKgKHcRAIUHc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
287b34da8b036afd0358e6a6fb5a5716_JaffaCakes118

Files

287b34da8b036afd0358e6a6fb5a5716_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76c15417df694c773979fd052d497fec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
SetProcessShutdownParameters
CreateDirectoryExA
GetTapeStatus
SetFileAttributesA
SetVolumeLabelA
GetFileInformationByHandle
IsValidLocale
SetEnvironmentVariableA
SizeofResource
SetProcessWorkingSetSize
GetModuleHandleA
LocalAlloc
ReadDirectoryChangesW
GetNumberFormatW
IsProcessorFeaturePresent
SetProcessAffinityMask
EnumSystemCodePagesA
FindNextChangeNotification
GetAtomNameA
ScrollConsoleScreenBufferA
EnumCalendarInfoA
SetStdHandle
PeekConsoleInputW
IsDBCSLeadByteEx
CreateFileW
GetTempPathW
GetUserDefaultLCID
GetOEMCP
GetConsoleMode
SetConsoleActiveScreenBuffer
GetCPInfo
VirtualQuery
GlobalReAlloc
GetSystemTimeAdjustment
IsBadReadPtr
GetCompressedFileSizeW
SwitchToFiber
GetACP
GetSystemTime
SetThreadPriorityBoost
GetProcessHeap
AreFileApisANSI
EndUpdateResourceA
GetCommModemStatus
FreeLibraryAndExitThread
LeaveCriticalSection
GlobalAddAtomW
FindResourceExA
GetComputerNameW
SetHandleCount
SetLastError
SetFileTime
LocalFileTimeToFileTime
VirtualProtect
GetVersionExA
CreateMutexW
GlobalFindAtomA
FlushConsoleInputBuffer
GetOverlappedResult
PulseEvent
VirtualAlloc
GetTempFileNameA
GetCommandLineA
CreateDirectoryA
ExitProcess

user32

HideCaret
GetCaretBlinkTime
SetMenuItemBitmaps
LoadMenuIndirectW
GetDlgItemInt
GetDesktopWindow
ShowCursor
GetWindowTextA
GetWindowTextW
SetWindowRgn
ChangeDisplaySettingsW
WindowFromPoint
MenuItemFromPoint
RemovePropW
IsDialogMessageA
CheckMenuItem
AttachThreadInput
DefFrameProcW
FrameRect
CascadeWindows
SetWindowWord
GetShellWindow
UnionRect
MonitorFromRect
RemovePropA
WaitForInputIdle
CharToOemBuffA
GetScrollRange
PostMessageA
DestroyMenu
GrayStringA
RegisterClassA
PostMessageW
GetKeyboardLayoutNameW
DialogBoxParamW
wvsprintfA
CreateMDIWindowW
CreateCursor
GetMenuCheckMarkDimensions
MessageBeep
GetMessageTime
SwitchToThisWindow
IsWindowVisible
ValidateRect
GetKeyNameTextA
SubtractRect
ReleaseDC
WinHelpA
ModifyMenuA
ScrollWindowEx
IsWindow
MessageBoxIndirectW
ClientToScreen
GetSystemMenu
LoadBitmapW
CharLowerW
InflateRect
RemoveMenu

gdi32

CreateDiscardableBitmap
GetDIBColorTable
SetPixel
EndPath
TranslateCharsetInfo
PaintRgn

comdlg32

ChooseColorW
PageSetupDlgW

shell32

SHChangeNotify
ExtractIconA
SHLoadInProc
SHAddToRecentDocs
SHFileOperationW
SHFileOperationA

ole32

StringFromGUID2
OleQueryLinkFromData
OleFlushClipboard
CoTreatAsClass

oleaut32

SysAllocStringLen
SafeArrayCreate
SetErrorInfo

comctl32

ImageList_Replace
ImageList_GetBkColor

shlwapi

PathUndecorateW
StrTrimA
ChrCmpIW
PathRemoveFileSpecA
PathIsUNCServerW
StrStrIW
PathIsNetworkPathW
StrRChrW
PathCommonPrefixW
PathRelativePathToW
PathIsUNCA
SHRegGetBoolUSValueW
PathRemoveFileSpecW
StrStrW
StrChrIW

setupapi

SetupGetLineTextA
SetupDiGetClassDevsA
SetupCommitFileQueueA
SetupDiEnumDeviceInfo
SetupDiOpenDeviceInterfaceW
SetupDiClassGuidsFromNameW
SetupPromptReboot
SetupTermDefaultQueueCallback
SetupDiGetDeviceInstallParamsA
SetupDefaultQueueCallbackA

Sections

fdzno
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

woZfD
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

mftddj
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CLFLl
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76c15417df694c773979fd052d497fec

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

fdzno Size: 284KB - Virtual size: 280KB

woZfD Size: 8KB - Virtual size: 4KB

mftddj Size: 16KB - Virtual size: 14KB

CLFLl Size: 32KB - Virtual size: 31KB

fdzno
Size: 284KB - Virtual size: 280KB

woZfD
Size: 8KB - Virtual size: 4KB

mftddj
Size: 16KB - Virtual size: 14KB

CLFLl
Size: 32KB - Virtual size: 31KB