Static task: static1
Behavioral task: behavioral1 (Sample: 290b95ffcfdf37e27a382851a46f7aa0_JaffaCakes118.exe, Resource: win7-20240705-en)
Behavioral task: behavioral2 (Sample: 290b95ffcfdf37e27a382851a46f7aa0_JaffaCakes118.exe, Resource: win10v2004-20240704-en)
General
Target: 290b95ffcfdf37e27a382851a46f7aa0_JaffaCakes118
Size: 400KB
MD5: 290b95ffcfdf37e27a382851a46f7aa0
SHA1: ebc486ebe2a7f1bf65146186dc032005d7638147
SHA256: 4646b4acf418a8009bdaed39794368833ea0f7fc16f13151827b3ff0808bbc55
SHA512: 87ef03805f642b53b2d57ceb6db9b1beb7eef47c88b6700959047c5803f2b013907f1028284d24463188858fe35c5c71954f935d919c08a6d9db480e87a9be98
SSDEEP: 6144:fmQ/fM/KyUxM92KZazBbKEoeiJoJykoMUKc0M7TFP6Q1/pLWjrQIgo0gJZ/f:fH/fMyq9FyKEoZlMUXz7TFi2V1gJF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 290b95ffcfdf37e27a382851a46f7aa0_JaffaCakes118
Files
290b95ffcfdf37e27a382851a46f7aa0_JaffaCakes118.exe windows:4 windows x86 arch:x86
a1a3ca82ae4dedd1e1584922c0d3075e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetConsoleOutputCP
EnumCalendarInfoA
GetSystemDefaultLangID
GetFileType
ReleaseSemaphore
SetFileAttributesA
GetComputerNameW
SetCurrentDirectoryA
GetBinaryTypeA
CreateDirectoryExA
UnmapViewOfFile
WriteFile
GetSystemTime
GetBinaryTypeW
SetMailslotInfo
IsDBCSLeadByteEx
InitializeCriticalSection
CompareStringA
IsProcessorFeaturePresent
PeekConsoleInputW
FlushConsoleInputBuffer
ScrollConsoleScreenBufferA
CloseHandle
lstrcpyA
MultiByteToWideChar
GetConsoleMode
FlushFileBuffers
EnumSystemCodePagesA
FindNextChangeNotification
GetVersionExA
VirtualProtect
OpenSemaphoreW
VirtualFree
ConnectNamedPipe
OutputDebugStringA
CreateMutexW
CompareStringW
SetProcessShutdownParameters
IsBadWritePtr
QueryDosDeviceA
LoadLibraryExW
FindFirstFileA
_llseek
GetConsoleCursorInfo
SwitchToFiber
GetFileInformationByHandle
GetShortPathNameA
VirtualUnlock
FindFirstFileW
SetEvent
TryEnterCriticalSection
VirtualAlloc
GlobalGetAtomNameW
EnumResourceNamesW
WriteProcessMemory
AreFileApisANSI
GetCommandLineA
lstrlenA
QueryDosDeviceW
ExitProcess
user32
ShowOwnedPopups
SendDlgItemMessageW
GetCapture
EnumThreadWindows
GetWindowLongA
LoadMenuIndirectA
DragDetect
CreatePopupMenu
SetThreadDesktop
SetCaretPos
GetForegroundWindow
MessageBoxIndirectW
EnumDisplaySettingsExA
MapVirtualKeyExW
GetSysColor
UnhookWindowsHook
GetSystemMetrics
IsWindowUnicode
GetDC
GetAsyncKeyState
DefFrameProcA
GetWindowRgn
GetWindowWord
gdi32
SetDIBColorTable
SetGraphicsMode
GetGlyphOutlineW
MoveToEx
comdlg32
PageSetupDlgA
ChooseFontW
advapi32
LookupAccountSidA
RegLoadKeyW
IsTextUnicode
RegLoadKeyA
ObjectCloseAuditAlarmW
CloseServiceHandle
AccessCheckAndAuditAlarmA
BuildTrusteeWithSidW
EnumDependentServicesA
SetSecurityDescriptorOwner
SetFileSecurityW
GetSecurityDescriptorGroup
GetNamedSecurityInfoW
BuildTrusteeWithNameW
LookupPrivilegeDisplayNameA
GetSecurityDescriptorDacl
GetAclInformation
GetTokenInformation
shell32
DragFinish
ExtractIconExW
ole32
GetRunningObjectTable
StgSetTimes
ReadClassStg
CoFreeUnusedLibraries
CoFileTimeNow
WriteClassStg
OleCreateMenuDescriptor
CLSIDFromString
CoFreeAllLibraries
oleaut32
QueryPathOfRegTypeLi
comctl32
ImageList_SetDragCursorImage
ImageList_AddMasked
ImageList_EndDrag
ImageList_DragLeave
shlwapi
PathGetDriveNumberA
StrTrimA
AssocCreate
wnsprintfW
HashData
PathIsDirectoryA
SHRegGetBoolUSValueW
StrCpyNW
Sections
waoio Size: 336KB - Virtual size: 332KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
ieqgyo Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
uoqcg Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wkwaa Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ