28fb021378a39bcf891c9fe23dc3824f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28fb021378a39bcf891c9fe23dc3824f_JaffaCakes118
Size

296KB
MD5

28fb021378a39bcf891c9fe23dc3824f
SHA1

30755b7d263dd5cc08cee5003c7dc694e9a9b1c3
SHA256

da4e9c5a478c253f2cf1b9764de4d4c4d1ea343513b33cc94e2a392de502c518
SHA512

a971dba5c22c37f6ac47a8a4507f96b402f15f0588cdd3f706512ec5b10dd158c0e9e3604558c76034aa90067d8380412457f28aab7dad1d784999cfb9de93a8
SSDEEP

6144:rtkcqEx19GHoxtdbNvEZzRkAqgMm9VNSuLAumVGok7i+S/3Qt:rMg19GHZzmWh0q1mA573

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28fb021378a39bcf891c9fe23dc3824f_JaffaCakes118

Files

28fb021378a39bcf891c9fe23dc3824f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d31adcd97978150868807845b94fce50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
FindFirstFileA
SetCurrentDirectoryA
InitializeCriticalSection
_hread
ScrollConsoleScreenBufferA
GetTempFileNameA
TryEnterCriticalSection
EnumResourceNamesA
FindNextChangeNotification
SetEnvironmentVariableA
lstrcpyA
FindResourceExW
GetDriveTypeA
EraseTape
VirtualQueryEx
_lclose
ReadConsoleA
IsDBCSLeadByteEx
SetVolumeLabelA
GetSystemTime
GetHandleInformation
GlobalAddAtomA
WritePrivateProfileStringA
GetDriveTypeW
SetCommTimeouts
GetStringTypeExW
GetTimeZoneInformation
lstrcatW
IsValidLocale
Beep
SetupComm
CreateMutexA
GetTickCount
lstrcmpiW
FlushFileBuffers
GetLargestConsoleWindowSize
ReadConsoleInputW
VirtualProtect
GetEnvironmentVariableW
VirtualQuery
OpenFile
SetConsoleOutputCP
GetUserDefaultLCID
TlsGetValue
FindResourceExA
LocalSize
FreeEnvironmentStringsA
GetVersion
GetPrivateProfileStringW
GetDateFormatA
LocalLock
EnumCalendarInfoA
DeleteFiber
PurgeComm
_lread
LocalAlloc
SetThreadLocale
GetSystemTimeAsFileTime
PeekConsoleInputW
GetLocaleInfoW
GetProfileStringA
GlobalFindAtomA
VirtualAllocEx
SetProcessShutdownParameters
SetTimeZoneInformation
CreatePipe
OpenMutexA
GetOEMCP
GetConsoleCursorInfo
_lopen
GetNumberFormatW
SetStdHandle
SearchPathW
IsBadStringPtrA
GetPrivateProfileStringA
SetFileTime
GetCommandLineA
GetVersionExA
lstrlenA
VirtualUnlock
ExitProcess

user32

GetDlgItemInt
GetPropA
SwitchToThisWindow
AppendMenuW
CharToOemA
SendMessageTimeoutW
UnregisterClassW
AdjustWindowRectEx
InsertMenuW
GetSystemMenu
GetMenuDefaultItem
InsertMenuA
IsRectEmpty
GetParent
CreateDialogIndirectParamA
SetDlgItemTextA
GetMessageTime
GetTitleBarInfo

gdi32

LineDDA
DeleteObject
CreateICW
PolyBezier
GdiComment
GetStockObject
GetTextExtentPoint32A
IntersectClipRect
GetCurrentObject
SelectObject
CreateCompatibleBitmap
PlayEnhMetaFileRecord
GetCurrentPositionEx
PatBlt
Rectangle
Ellipse
SetMetaFileBitsEx
PolyPolyline
GetWindowOrgEx

comdlg32

ChooseFontW
FindTextW
GetOpenFileNameA
ChooseFontA

advapi32

DuplicateTokenEx
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
RegSetValueA
BuildTrusteeWithSidW
LookupPrivilegeNameA
RegSetValueExA
StartServiceW
LockServiceDatabase
ReadEventLogW
RegSaveKeyA
GetAclInformation
IsValidAcl
RegUnLoadKeyW
RegEnumValueA
RegSetValueW
CryptReleaseContext
LogonUserW
GetTokenInformation
GetSidLengthRequired
CopySid
LookupPrivilegeDisplayNameA
CryptHashData
ClearEventLogW
ControlService
AllocateAndInitializeSid
RegLoadKeyW
RegEnumKeyExA
GetServiceDisplayNameA
IsValidSecurityDescriptor
RegUnLoadKeyA
PrivilegeCheck
DeregisterEventSource

shell32

SHBrowseForFolderA
SHGetSettings
DragFinish
SHChangeNotify
FindExecutableA

ole32

RevokeDragDrop
CoFileTimeNow
CoCreateInstance
MkParseDisplayName
CLSIDFromString
OleQueryLinkFromData
CoGetTreatAsClass
StgSetTimes
OleCreateLink

oleaut32

SysAllocStringLen
SysFreeString
LoadTypeLibEx
SafeArrayGetLBound
SysStringLen

shlwapi

PathGetDriveNumberW
PathRemoveBackslashW
PathRemoveExtensionW
StrCmpNW
SHRegOpenUSKeyW
SHRegGetUSValueW
PathRemoveArgsW
StrTrimW
PathAddBackslashA
StrCatBuffA
PathGetArgsW
PathGetCharTypeW
StrStrIW
SHCopyKeyA
SHRegCloseUSKey

Sections

.text
Size: 272KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d31adcd97978150868807845b94fce50

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 272KB - Virtual size: 268KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 8KB

.text
Size: 272KB - Virtual size: 268KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 8KB