289327909deb88b2a9153a9ad69c94ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

289327909deb88b2a9153a9ad69c94ba_JaffaCakes118
Size

312KB
MD5

289327909deb88b2a9153a9ad69c94ba
SHA1

edcd9799b818e28c2c8cc831ac49587d3ad12e6b
SHA256

db74ee71db3126915b5f307b616b0949aaa319393f5ab5822000fdcd3f10f352
SHA512

9741cf88c3a6b60c9b5c084141346d87ecf94a1a42292b2fcca43506b78364636bac5850b18541d37824d0d8c20123b3c4029589e35fff89e0dd635c6efe572b
SSDEEP

6144:tScuth44jpN7SI9JFGdeEIxn3ZXymtR+esp1pbaS4GZAd+zSgd6+iSkV:5E4qT9JZPxn3ZXFwbbb4GavL+fk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
289327909deb88b2a9153a9ad69c94ba_JaffaCakes118

Files

289327909deb88b2a9153a9ad69c94ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ff01fdfc61d8fc85ab54ea31a46f2bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadLocale
DosDateTimeToFileTime
CreateNamedPipeW
WriteFileGather
FindFirstChangeNotificationW
SetConsoleCtrlHandler
HeapReAlloc
GetTimeFormatA
FindClose
SetThreadIdealProcessor
lstrcatA
FoldStringW
FreeLibraryAndExitThread
SystemTimeToFileTime
GetModuleHandleW
CreateIoCompletionPort
GetCPInfo
IsBadReadPtr
EnumCalendarInfoW
GetOEMCP
ResetEvent
GetTempPathW
SearchPathA
GetThreadLocale
RemoveDirectoryA
GetLocaleInfoW
GetCommandLineA
DeleteCriticalSection
EnumResourceNamesW
GetVersion
GetTapeParameters
SetLocalTime
FlushFileBuffers
GetCommandLineW
Sleep
OpenMutexW
CreateRemoteThread
GetSystemTimeAsFileTime
WriteConsoleA
SwitchToThread
SetWaitableTimer
GetWindowsDirectoryA
CreateFileW
GetVolumeInformationW
GetFileAttributesExA
lstrcpyW
CreateFileMappingW
CreateDirectoryExW
FreeEnvironmentStringsA
OpenEventA
GetCurrentDirectoryW
ReadConsoleW
UnmapViewOfFile
GetAtomNameW
GetProfileIntW
GlobalMemoryStatus
GetCommModemStatus
GetTempFileNameW
lstrcmpiA
FindFirstFileExW
GetCommTimeouts
IsBadCodePtr
LeaveCriticalSection
EscapeCommFunction
WaitCommEvent
LCMapStringA
LoadResource
GetDriveTypeA
GetDiskFreeSpaceA
lstrcmpiW
GlobalReAlloc
GetCurrentProcess
SearchPathW
lstrcatW
SetFileAttributesA
EnumDateFormatsW
CreateSemaphoreA
WritePrivateProfileSectionW
DuplicateHandle
FormatMessageA
SetStdHandle
CreateSemaphoreW
GetExitCodeThread
GetHandleInformation
MapViewOfFileEx
GetPrivateProfileSectionNamesA
HeapCreate
FindFirstFileW
GetSystemTimeAdjustment
UnlockFile
SetConsoleOutputCP
SetFileAttributesW
GetTapeStatus
WriteConsoleW
GetCurrentDirectoryA
_lcreat
GetThreadContext
QueryPerformanceFrequency
LoadLibraryExW
ExitThread
FindNextFileA
BackupWrite
LocalUnlock
_lclose
WriteConsoleOutputA
GetCommProperties
FlushConsoleInputBuffer
GetVersionExA
VirtualProtect
GetTempFileNameA
ExitProcess

user32

CloseClipboard
GetClipboardViewer
SetWindowsHookW
CharUpperW
CloseWindow
GetGuiResources
SetUserObjectSecurity
GetInputState
LoadBitmapA
VkKeyScanW
EnableMenuItem
CharLowerA
ChangeClipboardChain
DestroyCaret
InflateRect
EndDeferWindowPos
RegisterWindowMessageA
GetClassInfoW
AttachThreadInput
SetCursorPos
GetShellWindow
CallWindowProcW
SetTimer
GetDesktopWindow
SetClassLongA
MsgWaitForMultipleObjects
CreateDialogParamW
CheckMenuRadioItem
SetWindowTextA
LoadImageA
BeginDeferWindowPos
MapWindowPoints
RegisterClassA
GetKeyState
GetKeyboardType
SetMenu
ReleaseDC
IsCharLowerA
GetKeyNameTextA
ExitWindowsEx
PostMessageW
GetWindow
wsprintfA
GetMenuInfo
MapVirtualKeyA
DrawIcon
SendMessageA
wvsprintfW
LoadIconA
MoveWindow
UnregisterHotKey
EnumClipboardFormats
UnloadKeyboardLayout
TrackMouseEvent
CopyImage
CharPrevW
PeekMessageA
GetDlgItemTextW
GetUpdateRect
EndMenu
DestroyWindow
ScrollWindowEx

gdi32

GetTextFaceW
GetTextExtentPoint32W
GetTextCharacterExtra
SelectClipPath
SetBitmapBits
ExtCreatePen
DeleteMetaFile
SetPixelV
PolyBezier
GetViewportOrgEx
SetBkMode

comdlg32

GetOpenFileNameW

advapi32

GetServiceDisplayNameA
GetSecurityDescriptorGroup
OpenProcessToken
StartServiceW
EnumServicesStatusW
CryptVerifySignatureW
RegSetValueExA
RegQueryValueW
CryptSetProvParam
NotifyBootConfigStatus
RegCreateKeyA
EqualSid
GetUserNameA
DuplicateTokenEx

shell32

DragFinish
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHFileOperationA
DuplicateIcon

ole32

CLSIDFromProgID
CoQueryProxyBlanket
OleLockRunning
WriteClassStg
CoCreateInstanceEx
CoCreateFreeThreadedMarshaler

oleaut32

SafeArrayUnaccessData
SysAllocString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayCreate
SafeArrayRedim

shlwapi

StrRStrIW
PathParseIconLocationW
StrChrIA
PathFindOnPathW
HashData
StrDupA
PathFindExtensionA
PathAddBackslashW
PathStripPathA
SHEnumValueW
StrRetToBufW
StrChrW
PathIsRelativeA
PathCanonicalizeA
StrCmpW
StrCmpIW
SHCopyKeyW
PathIsFileSpecW
SHOpenRegStream2W

Sections

.text
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2ff01fdfc61d8fc85ab54ea31a46f2bc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 284KB - Virtual size: 281KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 13KB

.text
Size: 284KB - Virtual size: 281KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 13KB