28e06a1fd0756257db94cd72a2c8e747_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28e06a1fd0756257db94cd72a2c8e747_JaffaCakes118
Size

328KB
MD5

28e06a1fd0756257db94cd72a2c8e747
SHA1

bce7333f6318b11d601d67372459d7d3b79a3720
SHA256

01b6319e38c8827be2d6c23aa69f1d1d5ea7abc926aa64b9dd0c8a260d3e8ba8
SHA512

69bcceb02230427c35e916240ebc297039143bc2b509f56838cd8b4e9c3e3d6d6c9d90a3c5ea4b9e678163b076a419e80f1e3648a67d35c63a8dfa0824990039
SSDEEP

6144:od0KSnBXktna4vog5l2owfxVDqLxPj4uHoyhR1G0BYebYI:od0fXonUILwfxVDc5kuHo6R1G0BYEH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28e06a1fd0756257db94cd72a2c8e747_JaffaCakes118

Files

28e06a1fd0756257db94cd72a2c8e747_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e608255b44e68f84f6319f698249c929

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommBreak
VirtualQueryEx
ClearCommBreak
GetCommTimeouts
LocalLock
LocalSize
GlobalAddAtomA
GetAtomNameA
_lcreat
SetTapePosition
WriteProcessMemory
GlobalFlags
OpenEventA
CreateThread
GetThreadLocale
SetSystemTime
ExpandEnvironmentStringsW
ReadConsoleInputA
ExpandEnvironmentStringsA
lstrcpyW
EscapeCommFunction
FindFirstChangeNotificationW
LockResource
HeapAlloc
MulDiv
GetExitCodeThread
GetStringTypeA
MapViewOfFile
GetCurrentProcessId
SetTimeZoneInformation
GetStringTypeExW
TransactNamedPipe
GetDiskFreeSpaceW
GetCommandLineW
WriteConsoleOutputA
CompareFileTime
SetProcessShutdownParameters
IsValidLocale
GetPrivateProfileSectionW
SetCurrentDirectoryA
FileTimeToLocalFileTime
SetConsoleTextAttribute
WritePrivateProfileSectionW
CreateEventW
TryEnterCriticalSection
_hread
SetCommState
LocalFileTimeToFileTime
CallNamedPipeW
SetFileAttributesA
GetThreadContext
GlobalFree
GlobalUnlock
SetEndOfFile
GlobalMemoryStatus
GetCommandLineA
GetStartupInfoA
FreeResource
lstrcatA
DeviceIoControl
CreateDirectoryExW
SetLocalTime
LocalUnlock
CompareStringA
SetThreadExecutionState
GetExitCodeProcess
GetProfileIntW
CreateWaitableTimerA
WriteConsoleA
QueryPerformanceCounter
FindFirstChangeNotificationA
LCMapStringW
VirtualAlloc
ReadDirectoryChangesW
DeleteFileA
GetStartupInfoW
GlobalFindAtomA
CreatePipe
ReleaseMutex
GetEnvironmentStringsW
VirtualProtect
ScrollConsoleScreenBufferA
FreeEnvironmentStringsA
GetDiskFreeSpaceA
GetPriorityClass
GetStringTypeExA
LCMapStringA
AreFileApisANSI
SetStdHandle
GetCurrentDirectoryW
SetThreadPriorityBoost
GetFileAttributesExA
GetShortPathNameW
HeapValidate
FindFirstFileExW
GetHandleInformation
GetCurrentThreadId
GetConsoleScreenBufferInfo
LocalAlloc
GetDiskFreeSpaceExW
IsBadStringPtrW
ReadConsoleInputW
WaitCommEvent
SetHandleCount
GetBinaryTypeW
GetLongPathNameA
WriteConsoleInputA
EnumResourceTypesA
GetDiskFreeSpaceExA
WaitForMultipleObjects
GetVersionExA
lstrlenA
TerminateThread
ExitProcess

user32

TabbedTextOutA
GetAsyncKeyState
SendNotifyMessageW
FindWindowExA
EndMenu
GetIconInfo
PostMessageA
KillTimer
ModifyMenuA
SetUserObjectSecurity
CopyRect
IsWindowUnicode
GetScrollBarInfo
ToUnicode
PeekMessageW
SetCapture
CharToOemA
ChildWindowFromPoint
PeekMessageA
SetPropW
GetClassInfoExW
CreateAcceleratorTableW
MonitorFromWindow
LoadMenuW
SetForegroundWindow
LoadMenuA
EnumChildWindows
DefFrameProcW
SwitchDesktop
ShowWindow
EnumDisplaySettingsW
CheckMenuRadioItem
GetNextDlgGroupItem
DispatchMessageW
IsCharAlphaW
CharToOemBuffA
wvsprintfW
GetUpdateRgn
CreateDesktopA
ChangeDisplaySettingsExA
CreateDialogParamW
SendNotifyMessageA
EnumWindows
SetRectEmpty
GetPropA
CharToOemW
AppendMenuW
TrackPopupMenu
TrackPopupMenuEx
SetCursorPos
GetClipboardOwner
FrameRect
GetCaretPos
SendMessageCallbackW
HiliteMenuItem
GetKeyState
MessageBoxW
SetCaretBlinkTime
DrawFrameControl
SetProcessWindowStation

gdi32

CreatePenIndirect
SetViewportExtEx
PolyDraw
SetDIBits
EnumMetaFile
DeleteEnhMetaFile
TextOutA
StartPage
DPtoLP
SetDIBitsToDevice
GetTextCharset
RestoreDC

advapi32

MakeAbsoluteSD
CryptGetUserKey
RegLoadKeyW
RegSetValueW
AccessCheck
RegEnumKeyExW
CryptEncrypt
StartServiceW
NotifyChangeEventLog
CryptSetKeyParam
GetUserNameA
CloseServiceHandle
OpenEventLogW
GetServiceDisplayNameA
DuplicateTokenEx
RegisterServiceCtrlHandlerW

shell32

SHGetDesktopFolder
ShellExecuteW
DragQueryFileW

ole32

OleFlushClipboard

oleaut32

VariantChangeTypeEx
DispGetIDsOfNames
VariantCopyInd
SysAllocString

comctl32

CreateToolbarEx
DestroyPropertySheetPage

shlwapi

SHGetValueA
PathSkipRootW
StrPBrkW
PathIsFileSpecA
UrlCombineW
PathCombineA

setupapi

SetupDiEnumDriverInfoA
SetupOpenLog
SetupLogErrorW
SetupDiSetClassInstallParamsA
SetupDiGetINFClassA
SetupDiOpenDeviceInfoW
SetupFindNextLine
SetupDiEnumDriverInfoW
SetupDiGetDeviceInterfaceDetailW
SetupDiCallClassInstaller
SetupGetStringFieldW
SetupScanFileQueueW

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e608255b44e68f84f6319f698249c929

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 300KB - Virtual size: 298KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 12KB

.text
Size: 300KB - Virtual size: 298KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 12KB