296110b2085326d005772c57277012b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

296110b2085326d005772c57277012b1_JaffaCakes118
Size

320KB
MD5

296110b2085326d005772c57277012b1
SHA1

ed16ddb0f548c05506a004465ff4acad52b91e52
SHA256

3bedbb7806a1330b88703b3d72aefad70e55d70ba4b797d5f93314348bed54ac
SHA512

e7d7d0a475457fe78e2ff9e4cfec6812515bdb146138ec05705db2eb4199d624edce4d0d386fc10b8c74262447f1cfc8c353c98bb5e04d83f43483a38ad552cb
SSDEEP

6144:V7yJ54PNVBqF+xFSadgbvOKZ6w76rJsD08/I+hFvWe+StC3gEGQ1CWrJpB:VWJmlVBs+v7uOKMrJsDphFee+4Z9irJT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
296110b2085326d005772c57277012b1_JaffaCakes118

Files

296110b2085326d005772c57277012b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f057cd3a122b321cc6227a1581f8945

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lread
TlsFree
MultiByteToWideChar
_lopen
GetDriveTypeW
ReadConsoleInputW
CreateNamedPipeW
_lwrite
GetTapePosition
WaitForSingleObject
GetTickCount
SetThreadLocale
GetSystemDefaultLangID
VirtualLock
UnhandledExceptionFilter
GetCurrentThreadId
FillConsoleOutputCharacterA
lstrcatA
SetThreadPriority
SetCurrentDirectoryW
GetFileAttributesW
WriteConsoleInputA
SetTimeZoneInformation
GlobalAddAtomW
CreateSemaphoreW
SetFileAttributesA
WriteFileEx
MulDiv
PurgeComm
FillConsoleOutputAttribute
LocalSize
DeleteAtom
LockResource
CancelWaitableTimer
GetPrivateProfileIntA
GetTempPathA
lstrcmpW
GetSystemInfo
EnterCriticalSection
GetProcessWorkingSetSize
CopyFileW
ReadConsoleW
GetConsoleCP
WriteConsoleW
GetCurrentDirectoryA
CompareStringW
lstrcpynA
ExitThread
SetWaitableTimer
GetLongPathNameW
SetPriorityClass
DeleteFileA
HeapDestroy
RemoveDirectoryA
VirtualProtect
GetCommandLineA
GetVersionExA
lstrlenA
GetThreadPriority
ExitProcess

user32

ChildWindowFromPoint
GetWindowTextA
TabbedTextOutA
GetDlgItemTextA
MoveWindow
GetDCEx
InsertMenuA
WinHelpW
InvertRect
IsCharUpperW
InSendMessage
GetKeyboardLayoutNameA
GetCaretBlinkTime
SetMenuItemInfoA
ToAscii
IsWindowEnabled
GetKeyboardState
GetNextDlgGroupItem
LoadIconW
GetKeyboardLayoutList
SwitchToThisWindow
DefFrameProcA
wsprintfA
MapVirtualKeyW
MsgWaitForMultipleObjects
SetScrollPos
GetMessageExtraInfo
DefWindowProcW
DeleteMenu
GetScrollBarInfo
InflateRect
GetMenuCheckMarkDimensions
SetCursorPos
GetAncestor
GetKeyboardLayout
TrackPopupMenuEx
GetFocus
GetProcessDefaultLayout
IsIconic
GetMessagePos
MonitorFromPoint
IsZoomed
WaitMessage
ClipCursor
SystemParametersInfoA
AppendMenuA
CreateIconIndirect
OpenDesktopA
BroadcastSystemMessageW
SetProcessDefaultLayout
SetClassLongA
PostThreadMessageA
RemoveMenu
SetCaretPos
GetMenuItemInfoA
GetSubMenu
GetWindowRect

gdi32

GetGlyphOutlineW
GetDIBits
RectInRegion
GetEnhMetaFileBits
OffsetRgn
SetBkColor
GetTextColor
EnumFontsW
CreateSolidBrush
SetColorAdjustment
GetTextExtentPoint32A
FillRgn
RectVisible
GetTextCharacterExtra

advapi32

SetSecurityDescriptorDacl
CryptAcquireContextA
InitializeSecurityDescriptor
SetSecurityDescriptorGroup
EnumServicesStatusA
GetSecurityDescriptorGroup
CryptHashData
RegEnumKeyExA
RegEnumValueA
ImpersonateNamedPipeClient
CryptGetProvParam
AbortSystemShutdownA

shell32

SHChangeNotify
ExtractAssociatedIconW

ole32

OleCreateLinkToFile
WriteClassStm
ProgIDFromCLSID
CoReleaseMarshalData
OleCreateLink
CreateBindCtx
CoSetProxyBlanket
CreateOleAdviseHolder

oleaut32

VariantInit
SetErrorInfo
SysReAllocStringLen
SysAllocString

comctl32

ImageList_Duplicate
ImageList_LoadImageW
ImageList_GetImageCount

shlwapi

StrTrimW
AssocQueryKeyW
SHStrDupW
StrCpyW
SHSetValueA
PathStripToRootW
StrRChrA
StrFormatByteSizeW
StrCatBuffW

setupapi

SetupGetLineTextA
SetupDiSetSelectedDevice
SetupGetStringFieldA
SetupGetLineCountA
SetupDiClassGuidsFromNameW

Sections

.text
Size: 296KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f057cd3a122b321cc6227a1581f8945

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 296KB - Virtual size: 292KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 9KB

.text
Size: 296KB - Virtual size: 292KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 9KB