28a2e92e736d1b964a495999d7a0c0ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28a2e92e736d1b964a495999d7a0c0ac_JaffaCakes118
Size

332KB
MD5

28a2e92e736d1b964a495999d7a0c0ac
SHA1

f9f25a14002e120b77428aeeb7c2595b94b88126
SHA256

8777b71ad18a461e6ebd8fa24e47ec8f4bbf50a578e753682c9e078747f5ad33
SHA512

719dc361a89905f0449b53414683213bf1a5bc44c763a4897b72f3be78db620da5bd44b930da4e1f1d57674a2ab38b1854604aad513c48354b9bd740a6b90f00
SSDEEP

6144:decZr15Cl8Una/CWXcqQgCs8uJ7qlCdHJAM0TnKrbQ36Qs7aiINh+2tqZN/tsQoF:1r8a/FX1Z8uJZd30TnKXZ2ic+dnloBk8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28a2e92e736d1b964a495999d7a0c0ac_JaffaCakes118

Files

28a2e92e736d1b964a495999d7a0c0ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8b54c6cb5201b1ba78af91d4e103fbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
VirtualProtect
SetCurrentDirectoryA
ScrollConsoleScreenBufferA
GetShortPathNameW
lstrcpyA
ExitProcess
CreateProcessA
_lread
GetNumberFormatW
SetLastError
FindFirstFileExW
TlsGetValue
QueryPerformanceFrequency
SetThreadIdealProcessor
FileTimeToLocalFileTime
WaitNamedPipeW
SearchPathW
VirtualAlloc
GetDriveTypeA
PulseEvent
SuspendThread
GetEnvironmentStrings
GetOEMCP
_hread
FindResourceExA
EnumResourceTypesA
GetHandleInformation
WaitNamedPipeA
SetTimeZoneInformation
FileTimeToSystemTime
DeleteFileA
QueueUserAPC
WaitForMultipleObjects
RaiseException
GetConsoleScreenBufferInfo
CompareStringW
OutputDebugStringA
GetModuleHandleA
GetPrivateProfileStructA
GetDateFormatA
GetBinaryTypeA
EscapeCommFunction
GetStdHandle
IsBadStringPtrA
FindAtomA
GetLongPathNameW
GetEnvironmentVariableW
FoldStringW
SetupComm
WriteConsoleInputA
GetCommandLineA

user32

EmptyClipboard
SetScrollPos
IsZoomed
GetDlgCtrlID
LoadImageA
GetMonitorInfoA
FindWindowExW
OpenWindowStationW
BeginPaint
UnregisterHotKey
PostMessageW
GetClassLongA
CreateWindowStationW
SetPropA
VkKeyScanA
LoadBitmapA
RegisterHotKey
GetMenuItemInfoA
wsprintfA
LockWindowUpdate
InsertMenuItemA
CreateIconFromResource
CreatePopupMenu
ReplyMessage
GetMenuItemCount
AdjustWindowRectEx
RemovePropA
CharToOemW
ShowScrollBar
GetSubMenu
CreateAcceleratorTableA
UnhookWindowsHookEx
InsertMenuA
CharUpperBuffA
IsWindowEnabled
DispatchMessageA
RegisterClipboardFormatW
EnumWindowStationsW
IsMenu
GetClientRect
SetWindowTextW
GetKeyboardLayoutList
WaitMessage
LoadKeyboardLayoutW
LoadCursorA
wvsprintfA
PeekMessageW
DrawMenuBar
ChangeDisplaySettingsExA
IsCharAlphaNumericA
LoadIconA
GetForegroundWindow
SwapMouseButton
OpenWindowStationA
TileWindows
OemToCharBuffW
SetMessageQueue
SetPropW
CharUpperBuffW
ExcludeUpdateRgn
GetKeyboardState
ReleaseDC
GetShellWindow
IsClipboardFormatAvailable

gdi32

CreateHalftonePalette
SelectClipRgn
CreateRoundRectRgn
CombineRgn
PlayMetaFile
WidenPath
GetObjectType
GdiComment
DeleteEnhMetaFile
CloseMetaFile
GetCharWidth32A

comdlg32

PrintDlgW
FindTextW

advapi32

GetSecurityDescriptorLength
AllocateLocallyUniqueId
DuplicateToken
RegisterServiceCtrlHandlerW
DeregisterEventSource
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
RegQueryInfoKeyA
CryptVerifySignatureA
RegCloseKey
RegSetValueExA
InitializeAcl
RegEnumKeyA
InitiateSystemShutdownA
SetEntriesInAclW
UnlockServiceDatabase
RegCreateKeyExA
CryptSetProvParam
ReadEventLogW
GetSecurityDescriptorControl
PrivilegeCheck
RegSetValueW
CryptSetHashParam
CreateServiceW
EnumDependentServicesW
SetFileSecurityA
CreateProcessAsUserA
CryptGenRandom
CryptDeriveKey
CryptDestroyHash
SetPrivateObjectSecurity
LogonUserA
RegOpenKeyExW
EnumServicesStatusA
AddAccessDeniedAce
QueryServiceConfigA
LookupAccountSidA
GetSecurityDescriptorGroup
RegDeleteValueW
RegDeleteKeyA
LookupAccountSidW

shell32

ExtractIconExA
ShellExecuteW

ole32

CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateDataAdviseHolder
MkParseDisplayName
WriteFmtUserTypeStg
CoCreateInstance

oleaut32

SafeArrayGetLBound
SysAllocString
SafeArrayPutElement
SafeArrayUnaccessData
SysAllocStringLen
LoadTypeLibEx
VariantChangeTypeEx
SysFreeString
SysReAllocStringLen

comctl32

CreateToolbarEx
ImageList_EndDrag
_TrackMouseEvent
PropertySheetW

shlwapi

StrCpyNW
StrCmpNIA
StrTrimA
PathStripPathA
SHCopyKeyW
PathStripPathW
SHRegCloseUSKey
StrCatBuffA

setupapi

SetupDiSetSelectedDriverW
SetupOpenInfFileW
SetupDiOpenDeviceInfoW
SetupScanFileQueueA
SetupGetLineCountW
SetupInitDefaultQueueCallback
SetupGetStringFieldA

Sections

.text
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8b54c6cb5201b1ba78af91d4e103fbd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 292KB - Virtual size: 289KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 292KB - Virtual size: 289KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 28KB - Virtual size: 24KB