Static task: static1
Behavioral task: behavioral1
Sample: 2961726945a4993c360d97cd4da09318_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2961726945a4993c360d97cd4da09318_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2961726945a4993c360d97cd4da09318_JaffaCakes118
Size: 324KB
MD5: 2961726945a4993c360d97cd4da09318
SHA1: 20984ed369a31838a13fd2b37ee8928f3c41e037
SHA256: 28601b3a8a6c1897205f4429376cbecf8857c99d2963bc5ebb598b3d208e2012
SHA512: bd1517d838843dc99e95a2e6e26e34af17098d13609ee12ed13f07c2b46f192034057220a9fd4c7fd34fb5e1fa43b8702ccd551a46f5eb4b6bd85d9eb13ede4a
SSDEEP: 6144:BZtaUxH67r+v+xY1g3raicBgyE3SR6rIIQzgFfparsJA/EpndXc9GZcw:rhs6cOngyECR6rVQzgtpZ8EpndXGGZc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2961726945a4993c360d97cd4da09318_JaffaCakes118
Files
2961726945a4993c360d97cd4da09318_JaffaCakes118.exe windows:4 windows x86 arch:x86
fcf6bd70e8f3b5af143dbbf7602d34d3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtect
lstrlenA
GetCommandLineA
ReleaseMutex
GetOverlappedResult
CreateEventA
FatalAppExitA
AreFileApisANSI
SetConsoleOutputCP
CreateDirectoryA
GetVersionExA
ExitProcess
FormatMessageA
DeleteCriticalSection
user32
SetPropA
GetSubMenu
DefDlgProcW
UnhookWindowsHook
CallWindowProcA
CreateIconFromResource
GetKeyboardState
WindowFromDC
EnumDisplayDevicesA
CreateDialogIndirectParamW
IsWindow
CharLowerBuffA
RegisterClassA
SendInput
OpenClipboard
SetScrollRange
SetWindowRgn
CopyRect
GetClipboardViewer
CopyImage
ArrangeIconicWindows
LockWindowUpdate
SetWindowTextA
SetWindowPlacement
GetMenuDefaultItem
SetCursorPos
EnumWindows
ReplyMessage
ChildWindowFromPointEx
GetCursorPos
GetClassInfoA
InSendMessage
TrackPopupMenu
SystemParametersInfoW
CheckRadioButton
GetMessageTime
ChangeMenuW
OpenInputDesktop
IsDialogMessageA
GetScrollPos
GetWindowTextLengthW
DialogBoxParamW
PeekMessageW
CreateMDIWindowW
EnumDisplaySettingsA
CloseDesktop
CreatePopupMenu
LoadBitmapW
CreateDialogIndirectParamA
GetDlgCtrlID
CreateIconIndirect
SwitchDesktop
SetLastErrorEx
InsertMenuA
WinHelpA
ActivateKeyboardLayout
DragDetect
MonitorFromWindow
DrawIconEx
gdi32
GetDCOrgEx
CreateEnhMetaFileW
SetBitmapBits
OffsetClipRgn
CreateDCA
GetBkMode
GetFontLanguageInfo
GetPolyFillMode
CreateBitmapIndirect
DeleteDC
CreateMetaFileW
EnumFontsW
EnumObjects
comdlg32
ReplaceTextA
advapi32
RegOpenKeyExW
MakeAbsoluteSD
NotifyChangeEventLog
RegisterEventSourceW
EnumDependentServicesA
CryptSignHashW
SetSecurityDescriptorOwner
DestroyPrivateObjectSecurity
SetSecurityDescriptorGroup
DuplicateTokenEx
LockServiceDatabase
CryptGetKeyParam
CryptReleaseContext
LogonUserW
ChangeServiceConfigW
GetSidSubAuthorityCount
shell32
SHLoadInProc
oleaut32
SysStringLen
VariantCopy
SafeArrayUnaccessData
LoadTypeLibEx
SysFreeString
SafeArrayGetLBound
SysAllocStringLen
shlwapi
StrCpyNW
PathUndecorateW
PathFileExistsW
PathRelativePathToA
PathIsRelativeA
SHGetValueA
StrFormatByteSize64A
StrRetToStrW
PathRemoveBlanksA
StrChrW
setupapi
SetupInstallFromInfSectionW
Sections
.text Size: 284KB - Virtual size: 280KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE