292d69ea7a42d991de48bc3791abe136_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

292d69ea7a42d991de48bc3791abe136_JaffaCakes118
Size

400KB
MD5

292d69ea7a42d991de48bc3791abe136
SHA1

181ae9fd1b9265ee4e876f9299418cee12dfc1eb
SHA256

7298bd3f7884f026d0219ff464672c6bd0bb8e8217fcedd3a6fd613779c6188e
SHA512

6b6b9638f11f50e710d5e04d6a5e42d87e9be096d6f8fd33986b114d792515da5bda4bfd2b6ff43f70cbc989a2d06a8b320cc7a2f83ea51d8d2b709155f7a0f3
SSDEEP

6144:JyP2t4+fWeIDSg0EjjOO6gXqEPxIkf33X3QmpUIuwRcCjfpIx4YLh94MJXxAJsxv:UP+a0mjOO6gfv3gmpOrx4MhSMJrUCS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
292d69ea7a42d991de48bc3791abe136_JaffaCakes118

Files

292d69ea7a42d991de48bc3791abe136_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84f09ef3b94f8a5a2f8a5774c0f6696a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemCodePagesA
ReadFileScatter
MultiByteToWideChar
ReadConsoleOutputA
LocalSize
RaiseException
GetProcessHeap
CopyFileExW
GetModuleFileNameW
SetThreadPriorityBoost
SetConsoleMode
GetCurrentProcessId
EnumSystemCodePagesW
CreatePipe
GetOEMCP
FreeResource
FindCloseChangeNotification
GlobalFindAtomA
RemoveDirectoryA
SetMailslotInfo
WritePrivateProfileStructA
lstrcmpA
CompareStringW
FreeEnvironmentStringsA
VirtualProtect
GetVersionExA
GetCommandLineA
FindResourceExA
GetCommState
LoadResource
GlobalFlags
IsBadWritePtr
CreateNamedPipeW
GetComputerNameW
OutputDebugStringA
GetTapeParameters
VirtualQueryEx
GetLogicalDriveStringsA
GetCommModemStatus
VirtualAlloc
OpenSemaphoreW
ExitProcess

user32

SetWindowsHookExA
EnumWindowStationsW
MonitorFromWindow
DialogBoxParamW
SetWindowsHookExW
SetLastErrorEx
GetGuiResources
SwapMouseButton
GetDlgItem
SetWindowPos
OemToCharBuffW
IsCharLowerA
PostMessageA
UnhookWinEvent
GetParent
MapVirtualKeyExW
ClientToScreen
SetMenuDefaultItem
PostThreadMessageW
OemKeyScan
DialogBoxIndirectParamW
GetUpdateRgn
OpenInputDesktop
SetWindowPlacement
CharUpperBuffA
GetNextDlgGroupItem
ChangeDisplaySettingsExA
AppendMenuW
DrawStateW
OpenDesktopA
SetDlgItemTextW
TranslateAcceleratorW
CreatePopupMenu
SendNotifyMessageW
SetCaretBlinkTime
GetClassNameW
ReplyMessage
PostQuitMessage
SetThreadDesktop
MessageBoxW
GetClipboardSequenceNumber
BroadcastSystemMessageA
SetWindowsHookW
DrawEdge
ChangeClipboardChain
CreateWindowStationW
GetCursor
SendMessageTimeoutW
IsCharLowerW
LoadKeyboardLayoutW
DefDlgProcW
IsWindowVisible
GetWindowTextW
CreateCaret
MsgWaitForMultipleObjectsEx
WaitMessage
DrawTextExW
CreateDialogIndirectParamW
GetShellWindow
EnumDisplayMonitors

gdi32

CreateFontA
GetCharacterPlacementA
PolyBezierTo
GetCharWidth32A
GetStretchBltMode
BeginPath

advapi32

RegUnLoadKeyW
RegReplaceKeyW
RegLoadKeyW
LookupAccountSidW
OpenServiceW

shell32

SHLoadInProc

ole32

OleCreateMenuDescriptor
CoLockObjectExternal
OleQueryLinkFromData
CoInitializeEx
StgCreateStorageEx
CreateStreamOnHGlobal

oleaut32

SafeArrayUnaccessData
SafeArrayGetElement
LoadTypeLi
SafeArrayCreate

comctl32

ImageList_DragShowNolock

shlwapi

SHRegSetUSValueW
StrCmpLogicalW
StrTrimW
SHRegOpenUSKeyW
PathGetArgsW

Sections

sgimu
Size: 336KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ssosw
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

uqoksiw
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wygsu
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84f09ef3b94f8a5a2f8a5774c0f6696a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

sgimu Size: 336KB - Virtual size: 332KB

ssosw Size: 4KB - Virtual size: 3KB

uqoksiw Size: 8KB - Virtual size: 6KB

wygsu Size: 48KB - Virtual size: 46KB

sgimu
Size: 336KB - Virtual size: 332KB

ssosw
Size: 4KB - Virtual size: 3KB

uqoksiw
Size: 8KB - Virtual size: 6KB

wygsu
Size: 48KB - Virtual size: 46KB