Static task: static1
Behavioral task: behavioral1
Sample: 2a081f3dce9a0be7e721b90d977692df_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2a081f3dce9a0be7e721b90d977692df_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2a081f3dce9a0be7e721b90d977692df_JaffaCakes118
Size: 276KB
MD5: 2a081f3dce9a0be7e721b90d977692df
SHA1: 169f45c45743bb002638aeb85444527473fcbae5
SHA256: f83cd1819f629f0b95fd07394f365440f1f469acb7a95bf5253ad6592e59bae2
SHA512: 6b8dabe154e07f1e19d5737497db2a573eca4d1aa0223c9743f5568b793b5e52850e5f7acb0aaf22e5def2d7bfc204b92bd8a9bceaaa480e42e87b568b2b0909
SSDEEP: 6144:VT7eHU/siY6JI4KBWOQEYbjrPME6OE2qa3RT11L:dsiDJyWO07bEYBd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2a081f3dce9a0be7e721b90d977692df_JaffaCakes118
Files
2a081f3dce9a0be7e721b90d977692df_JaffaCakes118.exe windows:4 windows x86 arch:x86
1c944ca982e32ccdfb6a23729b575b15
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadFile
GlobalUnlock
InitializeCriticalSection
EnumTimeFormatsW
SetStdHandle
GetEnvironmentStringsW
GenerateConsoleCtrlEvent
VirtualAllocEx
GetCompressedFileSizeW
SetFileAttributesA
GetCurrentDirectoryW
LocalReAlloc
SetConsoleWindowInfo
GetStartupInfoA
GetShortPathNameA
GetLocaleInfoW
VirtualAlloc
CopyFileExW
EnumResourceNamesA
FatalAppExitA
AllocConsole
PeekNamedPipe
GetTickCount
GlobalFindAtomW
PulseEvent
GetStringTypeExW
VirtualFree
GlobalFree
GetAtomNameA
ScrollConsoleScreenBufferA
EndUpdateResourceA
LoadResource
SetEnvironmentVariableA
SetThreadLocale
EraseTape
GetTimeZoneInformation
DebugBreak
VirtualQueryEx
GetTempPathW
GetCommState
LoadLibraryExA
ConnectNamedPipe
GetModuleHandleA
RaiseException
QueryDosDeviceW
LocalLock
FindFirstFileW
WriteConsoleOutputW
ExpandEnvironmentStringsW
_lread
FreeEnvironmentStringsA
GetProfileStringA
SetCommTimeouts
CompareStringW
_hread
GetNumberFormatW
EnumCalendarInfoA
IsBadWritePtr
RemoveDirectoryW
ClearCommBreak
GetTapeParameters
AreFileApisANSI
LeaveCriticalSection
PeekConsoleInputW
EnumCalendarInfoW
GetOEMCP
SetLastError
WritePrivateProfileStringW
GetSystemTime
DeleteFiber
FlushFileBuffers
IsProcessorFeaturePresent
WritePrivateProfileStructA
SetSystemTime
TlsGetValue
UnhandledExceptionFilter
EnumSystemCodePagesA
CreateMutexA
GetOverlappedResult
LCMapStringA
_llseek
FreeLibraryAndExitThread
GlobalReAlloc
ReadConsoleOutputA
SetThreadPriorityBoost
GetHandleInformation
lstrlenA
user32
ShowScrollBar
InsertMenuA
DrawAnimatedRects
GetKeyboardType
NotifyWinEvent
DeleteMenu
PtInRect
GetThreadDesktop
DefDlgProcW
wsprintfW
GetWindowContextHelpId
EnumDesktopsW
DispatchMessageW
LoadImageA
CloseClipboard
SetProcessWindowStation
LockWindowUpdate
IsCharLowerW
CharToOemW
CreateMenu
wvsprintfW
PeekMessageA
GetUserObjectInformationW
SetClassLongA
gdi32
StartDocA
GetTextMetricsA
GetROP2
SetBitmapBits
CreateSolidBrush
PolyPolyline
GetTextExtentPointA
DescribePixelFormat
GetSystemPaletteUse
SetWindowExtEx
EnumFontFamiliesW
CopyEnhMetaFileA
Escape
CreateRoundRectRgn
PolyBezier
GetBkMode
MoveToEx
GetNearestColor
GetWindowOrgEx
comdlg32
FindTextA
CommDlgExtendedError
PageSetupDlgA
advapi32
RegCreateKeyA
CryptVerifySignatureW
SetFileSecurityA
GetSidSubAuthority
GetServiceKeyNameW
ReportEventA
RegDeleteKeyA
IsTextUnicode
AddAccessAllowedAce
DuplicateToken
GetSecurityDescriptorLength
RegisterServiceCtrlHandlerA
CloseServiceHandle
CryptDeriveKey
InitiateSystemShutdownW
GetSecurityDescriptorControl
BuildTrusteeWithNameW
DestroyPrivateObjectSecurity
InitializeSecurityDescriptor
ReportEventW
AbortSystemShutdownA
AbortSystemShutdownW
AddAce
GetAclInformation
RegisterServiceCtrlHandlerW
LookupPrivilegeValueW
OpenSCManagerA
CreateServiceW
RegisterEventSourceW
OpenServiceA
CreateProcessAsUserW
RegCloseKey
RegConnectRegistryW
GetFileSecurityW
SetSecurityDescriptorOwner
OpenEventLogW
RegRestoreKeyW
CryptSetHashParam
LockServiceDatabase
CryptHashData
shell32
SHBrowseForFolderA
DragFinish
SHGetSpecialFolderPathW
SHFileOperationA
SHGetPathFromIDListA
ole32
CoImpersonateClient
OleSave
CoRegisterClassObject
ReadClassStg
OleGetIconOfClass
comctl32
ImageList_DragEnter
ImageList_Duplicate
ImageList_SetOverlayImage
shlwapi
PathRemoveBlanksW
PathAppendW
HashData
msvcrt
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
_controlfp
Sections
.text Size: 236KB - Virtual size: 232KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE