Static task: static1
Behavioral task: behavioral1
Sample: 28f5c9c5a5d6bf801f06b325575ecd47_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 28f5c9c5a5d6bf801f06b325575ecd47_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 28f5c9c5a5d6bf801f06b325575ecd47_JaffaCakes118
Size: 292KB
MD5: 28f5c9c5a5d6bf801f06b325575ecd47
SHA1: 3c046d196dd771e3c6f7eabeecc26b8ab58f8df3
SHA256: 7e960be2246ed73c131c7547cc6afca57da3db86ef605bc3d4c11d2cf44a9ad8
SHA512: 8b399cd1d94445cc4a774645ee38909fd7cb8ce12952678a5126e6d8610a1dfd0ddba22835d31795ed8e471a2cedbb47710acc1d75fa0ae23b931a97b03027ff
SSDEEP: 6144:YMthhQmYi5rqmFeM6OLoznu3oY5uKNb8GDNx/:YMPGitqYeM6aoznNYhNj
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 28f5c9c5a5d6bf801f06b325575ecd47_JaffaCakes118
Files
28f5c9c5a5d6bf801f06b325575ecd47_JaffaCakes118.exe windows:4 windows x86 arch:x86
2ac36f92b856d53fed406258793d7544
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Beep
VirtualQuery
ExitProcess
CreateIoCompletionPort
GetVersionExA
VirtualProtect
VirtualAlloc
GetModuleHandleA
FindResourceExW
GetStartupInfoA
user32
UnhookWinEvent
IsWindowVisible
RegisterClassExA
GetAsyncKeyState
EnableMenuItem
FindWindowExW
OemToCharBuffW
ChangeDisplaySettingsA
keybd_event
GetKeyboardState
FindWindowExA
ScrollWindowEx
LoadAcceleratorsA
CascadeWindows
LoadStringA
ScreenToClient
SetDlgItemTextA
MapVirtualKeyExW
SetClassLongW
GetInputState
SetMenuDefaultItem
DefWindowProcA
GetDoubleClickTime
SetMenuItemInfoW
PeekMessageA
GetClassNameA
CountClipboardFormats
GetClassInfoW
EnumWindows
IsWindowEnabled
SetClassLongA
ModifyMenuW
LoadImageA
DrawAnimatedRects
SendInput
GetSubMenu
ValidateRect
GetProcessWindowStation
GetMenuStringW
CreateDesktopA
SetClipboardViewer
CheckRadioButton
HideCaret
ChangeDisplaySettingsW
gdi32
GetCharWidthA
SetBkMode
InvertRgn
StrokeAndFillPath
GetTextExtentPointW
GetCharWidth32A
comdlg32
ReplaceTextW
GetFileTitleW
ChooseColorA
PageSetupDlgW
advapi32
SetSecurityDescriptorGroup
CryptSetKeyParam
LookupAccountNameW
SetKernelObjectSecurity
CryptSetHashParam
LookupPrivilegeValueW
ObjectCloseAuditAlarmA
ReportEventA
RegSetValueW
InitializeSecurityDescriptor
EnumServicesStatusW
SetEntriesInAclW
RegEnumKeyExW
GetSidIdentifierAuthority
ChangeServiceConfigA
ImpersonateLoggedOnUser
RegConnectRegistryA
OpenServiceW
OpenServiceA
IsValidSid
AbortSystemShutdownA
DuplicateTokenEx
GetAce
CreateServiceA
DeleteAce
RegReplaceKeyW
CryptEncrypt
GetExplicitEntriesFromAclW
GetServiceDisplayNameA
BuildTrusteeWithNameW
GetServiceDisplayNameW
CloseServiceHandle
RegOpenKeyExW
RegOpenKeyW
InitializeAcl
shell32
FindExecutableA
oleaut32
SafeArrayGetElement
VariantChangeType
VariantCopy
SafeArrayRedim
LoadTypeLi
SysStringLen
QueryPathOfRegTypeLi
comctl32
ImageList_AddMasked
shlwapi
UrlCombineW
PathFindExtensionW
PathAddExtensionW
SHRegGetBoolUSValueW
PathAppendW
PathRemoveFileSpecW
SHStrDupW
PathCanonicalizeA
PathCompactPathExW
StrFormatKBSizeW
PathIsDirectoryW
PathRemoveBlanksA
PathIsRootW
HashData
StrCmpW
PathIsDirectoryA
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 280KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE