28fafb1f3bd6ad6a7c33b9724df6f8f1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28fafb1f3bd6ad6a7c33b9724df6f8f1_JaffaCakes118
Size

276KB
MD5

28fafb1f3bd6ad6a7c33b9724df6f8f1
SHA1

1e3d659ab10cfa4974b90734cb9de0665b503339
SHA256

32a5c32aef1c99ad23b0f917daf5d2e9ef44c22cf00f4378205387336fe51df2
SHA512

4fcbddc9728c648f1bcd32680a0bd1adcf8eb1fdaf5832c42f0148da433577d62223dfabd6c2a7b80e908bce9ba96a2cc2b3693ea1ba10ce196eec8d7840261a
SSDEEP

3072:rhv97+JVP52iwgfclyvtoHK+RJ0ZUKrk/h1nVFAsKIii2u2BUpNVnjWDCZgRN9Kd:dv9sQd0Foq+P0ZUB/zndlaUCrN9KMA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28fafb1f3bd6ad6a7c33b9724df6f8f1_JaffaCakes118

Files

28fafb1f3bd6ad6a7c33b9724df6f8f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1662b82f61f3aeac80089f2f3510ebe8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCursorInfo
GetShortPathNameA
WriteFile
GetStringTypeExW
CreatePipe
FileTimeToLocalFileTime
CreateDirectoryW
FindCloseChangeNotification
EraseTape
GetCompressedFileSizeW
ScrollConsoleScreenBufferA
LCMapStringA
ClearCommBreak
GlobalFindAtomA
EnumResourceLanguagesW
GetLongPathNameA
DeleteFiber
GetBinaryTypeW
GetModuleHandleA
GetSystemTimeAsFileTime
GetLargestConsoleWindowSize
OpenSemaphoreW
GetUserDefaultLCID
EnumResourceNamesA
GetCurrentDirectoryW
CompareStringW
LeaveCriticalSection
IsValidLocale
SystemTimeToFileTime
ReleaseMutex
SetStdHandle
IsBadReadPtr
CreateDirectoryA
WaitNamedPipeA
CreateWaitableTimerA
PeekNamedPipe
GetComputerNameW
GlobalUnlock
SetErrorMode
GetProfileIntA
_lclose
WriteProcessMemory
SuspendThread
FreeLibrary
GetDriveTypeA
SetupComm
GetWindowsDirectoryA
SetConsoleOutputCP
CreateMutexW
FreeLibraryAndExitThread
GetTempFileNameA
IsBadStringPtrA
LocalAlloc
RaiseException
SetConsoleMode
lstrcpynA
VirtualAlloc
GetStartupInfoA

user32

DrawStateA
ShowScrollBar
BeginDeferWindowPos
SetWindowPos
GetWindowTextLengthW
MsgWaitForMultipleObjectsEx
UnloadKeyboardLayout
WindowFromDC
CheckRadioButton
SendNotifyMessageA
GetClipboardSequenceNumber
EnumWindowStationsW
DrawIconEx
UnregisterClassW
LockWindowUpdate
FlashWindow
GetNextDlgTabItem
MoveWindow
DrawFrameControl
InSendMessage
CallNextHookEx
CharToOemW
SetForegroundWindow
CreateDialogIndirectParamA
SetKeyboardState
BeginPaint
LoadCursorA
GetIconInfo
SetDlgItemTextA
UpdateWindow
CreateCursor
GetUpdateRect
MessageBoxW
GetDlgItemInt
SetMessageQueue
ChangeDisplaySettingsW
GetProcessDefaultLayout
SetWinEventHook
DrawCaption
CreateDialogParamW
CheckMenuRadioItem
CharUpperBuffW
SetPropA
CallWindowProcA
GetUpdateRgn
GetKeyboardState
CreateCaret
CascadeWindows
LoadAcceleratorsW
CharNextA
GetQueueStatus
SetTimer
RegisterClassA
SetPropW
MonitorFromWindow
DestroyWindow
GetClipboardViewer

gdi32

CreateRoundRectRgn
EnumEnhMetaFile
GetBkMode
CreateICA
StartDocW
SetTextCharacterExtra
CreateBitmap
SwapBuffers
GetOutlineTextMetricsW

comdlg32

PageSetupDlgA
GetFileTitleA
ChooseColorA
GetOpenFileNameA

advapi32

CryptSetProvParam
RegDeleteValueA
RegSetValueExW
ChangeServiceConfigA
SetKernelObjectSecurity
GetUserNameA
RegEnumValueW
AbortSystemShutdownA
RegGetKeySecurity
IsValidSid
CryptGetHashParam
QueryServiceObjectSecurity
IsValidSecurityDescriptor
GetCurrentHwProfileW
SetSecurityDescriptorDacl
CryptDecrypt
CopySid
CloseServiceHandle
CryptHashData
EnumServicesStatusA
RegRestoreKeyA
InitializeSid
CryptReleaseContext
CryptGetProvParam
RegCreateKeyExA
CryptGetKeyParam
GetSidIdentifierAuthority

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA

ole32

CreateOleAdviseHolder
OleCreate
CoLockObjectExternal
OleConvertIStorageToOLESTREAM
CoReleaseServerProcess
CoTaskMemRealloc
CoReleaseMarshalData

oleaut32

SysAllocStringLen
SafeArrayPutElement
SysFreeString
SafeArrayGetElement
LoadTypeLi

shlwapi

PathParseIconLocationW
wvnsprintfW
SHRegWriteUSValueW
StrStrIA
PathStripPathW
PathIsDirectoryA

msvcrt

_acmdln
_XcptFilter
_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
exit
_controlfp

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1662b82f61f3aeac80089f2f3510ebe8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcrt

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 28KB - Virtual size: 26KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 28KB - Virtual size: 26KB