28db25420d4f12b951d274edc065b7f7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28db25420d4f12b951d274edc065b7f7_JaffaCakes118
Size

328KB
MD5

28db25420d4f12b951d274edc065b7f7
SHA1

0915096bef941005892ce16c4c2122894cc74d5b
SHA256

b388a6c029b6448cb4e1de65e4f1590c1912f41fd640080c295779fa1f006ee9
SHA512

024beeb46743f3a1b2e67da9771da84bee118c938a0216dec708f8f6e28b390036a2c0d0752760d68c70b7ae886d0249a7f712c56c97f40ecb17fe141283dff4
SSDEEP

6144:usvAxI74ZpAi2m+2bBqwlFTyAv70T0luIi1C22oQUPoyBiueMc0:us0G4Z2i2niBbbyAv70VM22oQUPoC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28db25420d4f12b951d274edc065b7f7_JaffaCakes118

Files

28db25420d4f12b951d274edc065b7f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7184a44e4787b98e3071bb8ff13f57d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
ExitProcess
FreeLibraryAndExitThread
EnumResourceNamesA
MoveFileExA
SizeofResource
GlobalAddAtomW
GetCompressedFileSizeW
CopyFileExW
CreateIoCompletionPort
GetFileInformationByHandle
GetAtomNameA
GetFullPathNameA
FindCloseChangeNotification
EnumResourceLanguagesW
GetHandleInformation
ExpandEnvironmentStringsW
CreateEventA
GetDateFormatA
FreeResource
QueryDosDeviceW
SetEnvironmentVariableW
WriteConsoleOutputW
IsValidLocale
OutputDebugStringA
PeekConsoleInputW
GlobalReAlloc
LocalReAlloc
FlushFileBuffers
MultiByteToWideChar
GetBinaryTypeW
LoadLibraryExA
PrepareTape
GetCommandLineA
VirtualProtect

user32

PostThreadMessageA
SendMessageTimeoutW
RemovePropA
GetParent
SendNotifyMessageW
GetDialogBaseUnits
GetClipboardData
SubtractRect
DefWindowProcA
GetSubMenu
TranslateAcceleratorW
SetMessageQueue
InvalidateRgn
SetLastErrorEx
FlashWindow
OpenClipboard
BroadcastSystemMessageA
LoadImageW
RegisterDeviceNotificationA
PostMessageA
FindWindowA
UnhookWinEvent
GetForegroundWindow
MapVirtualKeyA
GetShellWindow
CopyImage
GetUpdateRgn
EnumDisplaySettingsExW
DeferWindowPos
EnumDesktopWindows
SetWindowLongW
EnumWindowStationsA
LoadMenuA
LoadImageA
wsprintfW
GetTabbedTextExtentW
RegisterClassW
EnumDisplayDevicesA
GetMonitorInfoW
GetDCEx
LoadAcceleratorsA
CloseDesktop
GetDC
DefFrameProcA
GetClientRect
SetDlgItemTextA
ScrollWindowEx
RegisterDeviceNotificationW
SetClipboardViewer
GetMenuItemInfoA
InSendMessage
SetForegroundWindow
WaitMessage
IsCharUpperA
IsCharAlphaNumericW
SetUserObjectSecurity
InvalidateRect
GetSystemMenu
CreateIconFromResource

gdi32

SetTextColor
CreatePolyPolygonRgn
SetSystemPaletteUse
ExcludeClipRect
RemoveFontResourceW
GetWindowExtEx
PtVisible
SetPixel
PolyBezier
DeleteObject
DescribePixelFormat

advapi32

AllocateAndInitializeSid
ChangeServiceConfigA
AbortSystemShutdownW
RegFlushKey
CryptAcquireContextA
GetSecurityDescriptorOwner
RegCloseKey
RegDeleteValueA
SetNamedSecurityInfoA
GetSidIdentifierAuthority
CryptHashData
CryptCreateHash
AddAccessDeniedAce
RegDeleteKeyA
LookupPrivilegeNameA
AddAccessAllowedAce
RegOpenKeyExW
RegUnLoadKeyW
RegisterEventSourceA
ObjectDeleteAuditAlarmW
SetKernelObjectSecurity
OpenSCManagerW
EqualSid
GetPrivateObjectSecurity
RegLoadKeyW
CreateServiceW
CryptSetKeyParam

shell32

ExtractIconExW
ShellExecuteA
Shell_NotifyIconA
FindExecutableA

ole32

CoRegisterClassObject
MkParseDisplayName
OleSetMenuDescriptor
CreateStreamOnHGlobal
CreateBindCtx

oleaut32

SafeArrayGetLBound
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayGetElement
SetErrorInfo
SysFreeString
VariantCopy

comctl32

ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_DragEnter

shlwapi

SHAutoComplete
PathCanonicalizeA
UrlGetPartA
StrCatBuffW
PathAppendA
PathFindFileNameA
PathIsUNCW
SHRegCloseUSKey
SHStrDupW
StrChrA
StrToIntExW
SHGetValueA
UrlIsW
StrCatW

setupapi

SetupFindFirstLineW
SetupDiClassNameFromGuidW

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7184a44e4787b98e3071bb8ff13f57d8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 296KB - Virtual size: 293KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 296KB - Virtual size: 293KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 17KB