28b2684f31c8a3dd9795c9430aa365a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28b2684f31c8a3dd9795c9430aa365a1_JaffaCakes118
Size

320KB
MD5

28b2684f31c8a3dd9795c9430aa365a1
SHA1

aadfdcfc826b09a208f359cadabac4ed44d82ddd
SHA256

df95960ac3d7173ca7be65a2601e19b943fd79f343052a60be4895445da94536
SHA512

746d79ce2b8839e43c43bbce607ba44cb282849c71a3c36f829a08ef2c536e78401f36ba6141cff62922fb8dbb8684d91f159350a35470ed6c87864716cc809b
SSDEEP

6144:bHI0cE9M7cJ4UN/Ou+Z6sHl6SeFadWvOd27H1BfhKaD42So7IPt0WMUS:DzprGeFadWvc27VHKy4270t0GS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28b2684f31c8a3dd9795c9430aa365a1_JaffaCakes118

Files

28b2684f31c8a3dd9795c9430aa365a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c98509f14dfd4b2abfeb6b79e99e863e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeW
GetPrivateProfileStructA
SwitchToThread
SetCurrentDirectoryA
CopyFileW
GetDriveTypeA
GetFileAttributesW
CreateIoCompletionPort
CopyFileA
OpenSemaphoreW
lstrcmpiA
GetLastError
GetLongPathNameA
LeaveCriticalSection
_lopen
GetProfileIntW
GetThreadSelectorEntry
EnumDateFormatsW
FindFirstChangeNotificationA
EnumTimeFormatsW
GetPriorityClass
GetCurrentProcess
GetProcAddress
GetTempFileNameW
IsDBCSLeadByteEx
WinExec
MultiByteToWideChar
CreateSemaphoreA
lstrlenA
UpdateResourceA
DeleteCriticalSection
OpenMutexW
ClearCommBreak
SwitchToFiber
CreateDirectoryA
GetCurrentDirectoryA
DeleteAtom
SetFileApisToOEM
ScrollConsoleScreenBufferA
GetProcessAffinityMask
EndUpdateResourceA
GetProfileStringW
SetThreadPriority
PeekNamedPipe
IsBadStringPtrA
GetDateFormatA
GetTapeParameters
PeekConsoleInputA
WaitForMultipleObjectsEx
OpenEventA
FindFirstFileW
IsBadReadPtr
CreateProcessW
DeleteFileW
OutputDebugStringA
GetQueuedCompletionStatus
GetNumberOfConsoleInputEvents
GetNumberFormatA
SetMailslotInfo
GetProcessWorkingSetSize
GetPrivateProfileIntW
ConvertDefaultLocale
VirtualProtect
lstrcmpiW
GetShortPathNameA
RemoveDirectoryW
CreateEventA
GetLocalTime
UnlockFile
AddAtomA
GetTapeStatus
QueryDosDeviceW
GlobalSize
GetFileType
CreateEventW
SetSystemTime
SetThreadPriorityBoost
GetTickCount
InterlockedCompareExchange
PeekConsoleInputW
SetProcessWorkingSetSize
PulseEvent
GetWindowsDirectoryW
EnumResourceLanguagesW
LoadResource
WriteFileGather
GetModuleFileNameA
FindFirstFileA
_lcreat
TransactNamedPipe
GetStringTypeW
LocalReAlloc
lstrcmpW
EnumCalendarInfoW
BackupRead
GetTimeFormatA
IsBadWritePtr
UnhandledExceptionFilter
WaitCommEvent
GetTapePosition
GetCommConfig
GetProfileIntA
GetCommState
GetCommandLineA
GetVersionExA
SetConsoleMode
ExitProcess

user32

SendMessageTimeoutW
IsIconic
ShowWindow
LoadStringW
GetWindowPlacement
EnumDisplayDevicesA
ReleaseDC
ShowCursor
GetSystemMetrics
GetMenu
CharLowerW
NotifyWinEvent
LoadBitmapW
ToAscii
SetCapture
GetKeyboardLayoutNameW
RegisterDeviceNotificationW
TrackMouseEvent
CharNextA
GetKeyNameTextW
GetDlgItemInt
EnableWindow
MoveWindow
GetIconInfo
SetProcessDefaultLayout
GetMenuItemInfoW
LoadCursorW
SendNotifyMessageW
GetMenuStringW
MonitorFromRect
CreateCaret

gdi32

CopyEnhMetaFileW
Chord
BitBlt
SetDIBitsToDevice

comdlg32

GetOpenFileNameA

advapi32

UnlockServiceDatabase
QueryServiceLockStatusW
RevertToSelf
CloseEventLog
LookupPrivilegeDisplayNameA
IsValidSecurityDescriptor
CryptImportKey
ObjectCloseAuditAlarmA
InitializeAcl
RegSetKeySecurity
RegCreateKeyExW
GetAce
SetPrivateObjectSecurity
OpenSCManagerW
CryptDecrypt
StartServiceCtrlDispatcherA
CryptExportKey
SetNamedSecurityInfoA
CreateServiceW
SetFileSecurityW
RegSaveKeyA
ControlService
IsValidAcl
LockServiceDatabase
CryptGetKeyParam
NotifyBootConfigStatus
RegSaveKeyW
DuplicateTokenEx
AddAccessAllowedAce
RegRestoreKeyA
CryptDeriveKey
CryptHashData
RegEnumKeyW
RegisterServiceCtrlHandlerW
AccessCheckAndAuditAlarmA

shell32

SHAddToRecentDocs

ole32

CoResumeClassObjects
StringFromIID

oleaut32

VariantCopy
SysAllocStringLen
GetErrorInfo

comctl32

ImageList_SetDragCursorImage
ImageList_SetImageCount

setupapi

SetupDiClassNameFromGuidW
SetupCommitFileQueueA
SetupDiGetDeviceInfoListDetailA
SetupDiSetSelectedDriverA
SetupDiGetClassDevsW
SetupDiGetDriverInfoDetailW
SetupOpenInfFileA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstallParamsA

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c98509f14dfd4b2abfeb6b79e99e863e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

setupapi

Sections

.text Size: 292KB - Virtual size: 288KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 15KB

.text
Size: 292KB - Virtual size: 288KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 15KB