2904df59ea03e4a9771330460ae346d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2904df59ea03e4a9771330460ae346d3_JaffaCakes118
Size

315KB
MD5

2904df59ea03e4a9771330460ae346d3
SHA1

658e39c60ff2f346fe41f0aa7531965bf9043633
SHA256

6e98e9cdffd0472f5a2cb5d734e3b7ed60ffc504ca47f5ffabf3a635478cfc62
SHA512

9a7590ead18da96770dd37b356501d36d7aab94565a0b487e127f0bee109c8f55cc7d22c49f4dbc4092ad4fc54116218b014e1d4cdf27fbd29d31ee78b165f4e
SSDEEP

6144:nD6bBTl+mVfNCMMU2RjP87LBY57VMqyJetRsVExT:2lTcmVAXnb87LIVFrtRsVEx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2904df59ea03e4a9771330460ae346d3_JaffaCakes118

Files

2904df59ea03e4a9771330460ae346d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99cb483058e100d55690f5aab4330c86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
GlobalUnlock
CopyFileExW
GetVolumeInformationW
ExpandEnvironmentStringsW
WaitNamedPipeA
SetStdHandle
SetConsoleMode
GlobalGetAtomNameW
GenerateConsoleCtrlEvent
SetFileAttributesA
GetCompressedFileSizeW
LocalAlloc
FreeEnvironmentStringsA
ReadConsoleA
IsDBCSLeadByteEx
GetFullPathNameA
RaiseException
VirtualQueryEx
VirtualAllocEx
IsProcessorFeaturePresent
EnumSystemCodePagesW
CreateDirectoryA
LocalLock
GetAtomNameA
GetCommModemStatus
GetSystemTimeAdjustment
GlobalAddAtomA
SuspendThread
GetTapeParameters
EraseTape
GetProfileStringA
lstrcpyA
PulseEvent
IsBadReadPtr
GetDateFormatA
SetThreadLocale
_hread
WriteProcessMemory
ExitThread
GetLongPathNameA
EnumTimeFormatsW
GetTickCount
lstrcmpA
GetBinaryTypeA
CreateMutexW
SetEndOfFile
CreateDirectoryExA
LoadLibraryExW
ConnectNamedPipe
SetCommMask
SetProcessWorkingSetSize
FreeLibraryAndExitThread
GetFileType
GetStartupInfoA
GetPrivateProfileStringA
EnumCalendarInfoA
EndUpdateResourceA
SetErrorMode
QueryDosDeviceW
lstrcpynA
SetCommTimeouts
IsBadWritePtr
GetACP
WritePrivateProfileStructA
GetProcessHeap
GetConsoleCursorInfo
SetEvent
SetConsoleCursorPosition
GetUserDefaultLCID
GetFileInformationByHandle
LocalFileTimeToFileTime
SetSystemTime
GetCurrentProcess
FormatMessageW
FormatMessageA
FindFirstFileW
GetBinaryTypeW
EnumResourceNamesA
DeleteCriticalSection
GetCommConfig
LoadLibraryExA
lstrcmpiA
SetEnvironmentVariableW
GetCommandLineA
GetVersion
SetVolumeLabelA
CreateProcessA
VirtualAlloc
DebugBreak
ExitProcess

user32

EnumDisplaySettingsExA
CopyIcon
CharToOemA
DefDlgProcW
EnumDisplayDevicesW
SetDlgItemTextA
GetWindowLongA
EnumThreadWindows
CreateWindowExA
FlashWindow
RedrawWindow
mouse_event
RegisterClipboardFormatA
AppendMenuA
ModifyMenuA
MenuItemFromPoint
FindWindowExA
GetMenuDefaultItem
GetShellWindow
LoadBitmapW
SetWinEventHook
ExitWindowsEx
SendMessageTimeoutA
GetSystemMetrics
SetUserObjectSecurity
CreateDesktopA
CheckDlgButton
DialogBoxParamA
SwitchToThisWindow
ChildWindowFromPointEx
CreateWindowStationW
LoadMenuW
DragDetect
DrawTextA
IsDialogMessageA
IsWindowUnicode
ChangeDisplaySettingsExA
GetDoubleClickTime
CallNextHookEx
GetKeyboardLayoutList
DestroyMenu
PostQuitMessage
DispatchMessageA
SetLastErrorEx
GetIconInfo
PostThreadMessageW
GetScrollRange
LoadMenuA
VkKeyScanW
KillTimer
SetWindowPlacement
EnableScrollBar

comdlg32

PrintDlgA
PageSetupDlgW
CommDlgExtendedError

advapi32

RegQueryValueA
GetAce
AddAce
NotifyChangeEventLog
CryptGetKeyParam
SetNamedSecurityInfoW
SetFileSecurityW
OpenThreadToken
GetUserNameW
DeregisterEventSource
CryptHashData
AdjustTokenPrivileges
SetSecurityInfo
PrivilegeCheck
ObjectCloseAuditAlarmW
ImpersonateSelf
CryptDecrypt
GetPrivateObjectSecurity

shell32

SHGetSpecialFolderPathA
SHLoadInProc
SHGetSpecialFolderPathW

ole32

CoRegisterMallocSpy
IIDFromString
OleSetClipboard
OleRegGetUserType
OleCreateLink
OleLockRunning
RevokeDragDrop
CoGetTreatAsClass

oleaut32

SysStringLen
SafeArrayCreate
SafeArrayGetElement
LoadTypeLi
LoadTypeLibEx
SafeArrayUnaccessData
SafeArrayPutElement
VariantChangeType

comctl32

ord17
CreateToolbarEx

shlwapi

PathAddExtensionW
StrRetToStrW
UrlGetPartA
SHCreateStreamOnFileW
PathCombineW
StrFormatByteSizeW
PathCommonPrefixW
PathQuoteSpacesA
PathFindNextComponentW
PathIsFileSpecW
StrChrIW
PathRenameExtensionW
SHRegQueryUSValueW
StrDupA
StrCatW

Sections

mommia
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

igiuiay
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

eyiyss
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wikequ
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99cb483058e100d55690f5aab4330c86

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

mommia Size: 2KB - Virtual size: 2KB

igiuiay Size: 5KB - Virtual size: 5KB

eyiyss Size: 292KB - Virtual size: 291KB

wikequ Size: 14KB - Virtual size: 14KB

mommia
Size: 2KB - Virtual size: 2KB

igiuiay
Size: 5KB - Virtual size: 5KB

eyiyss
Size: 292KB - Virtual size: 291KB

wikequ
Size: 14KB - Virtual size: 14KB