2de36a5c647e2a3a45ed81530f3752c4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2de36a5c647e2a3a45ed81530f3752c4_JaffaCakes118
Size

315KB
MD5

2de36a5c647e2a3a45ed81530f3752c4
SHA1

45bc799152ec97320cff7f8fc8c9b9633ccdb5b2
SHA256

c935eaba3941f324cad8d8dd4e248e52397bad13ec8af905bceb49300d4fa147
SHA512

cb68329ae96094f5183ccdaba5561f8048ab31bc7883d733bc62aa829a15f8c72be6192555467597b6e019b59c960948dcd427e4b8f0dbab73a4b65986e14ae8
SSDEEP

6144:ZuoFlDTSvQWQBDePzf33gqwiJ/tX2Lb/ASCZWorPiUbnk:PvDTuQWQBKPzfgqw6/+b/AvWGbn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2de36a5c647e2a3a45ed81530f3752c4_JaffaCakes118

Files

2de36a5c647e2a3a45ed81530f3752c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24d25f8eed7b6d95c5732237a07e22b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameW
FillConsoleOutputCharacterA
GetPrivateProfileStringA
GetShortPathNameA
GetSystemInfo
SetConsoleMode
GetVolumeInformationW
ExitProcess
QueryDosDeviceW
_lclose
SetConsoleCursorPosition
ReadConsoleOutputA
_hread
GetCommConfig
EnumCalendarInfoA
SetConsoleOutputCP
GetFullPathNameA
SearchPathW
SetConsoleTitleA
SetEvent
DosDateTimeToFileTime
SetErrorMode
SetThreadPriorityBoost
FindCloseChangeNotification
GetPrivateProfileStringW
EnumCalendarInfoW
GetSystemTime
WriteProcessMemory
GetBinaryTypeW
OpenMutexA
GetLongPathNameA
GetCommandLineA
VirtualAlloc

user32

SystemParametersInfoA
GetDoubleClickTime
EmptyClipboard
GetKeyboardLayoutList
GetDlgCtrlID
GetSystemMenu
GetMonitorInfoA
GetLastActivePopup
DrawFocusRect
GetTopWindow
SetPropA
OemToCharBuffW
keybd_event
SendMessageCallbackW
LoadCursorW
GetFocus
IsWindowEnabled
IsCharUpperW
ChangeClipboardChain
GetWindowLongW
SetDlgItemInt
GetKeyState
ActivateKeyboardLayout
CharToOemW
GetSubMenu
CharLowerBuffA
InvertRect
CreateAcceleratorTableW
DefDlgProcW
CharUpperW
HideCaret
GetWindowWord
GetSysColor
GetClipboardFormatNameA
KillTimer
EnumDisplaySettingsExA
OpenClipboard
CreateDialogIndirectParamA
InsertMenuW
SetWindowTextA
EnumDisplayMonitors
MenuItemFromPoint
GetGuiResources
GetMessageExtraInfo
GetDlgItemTextW
WinHelpA
MapVirtualKeyA
CopyImage
PostThreadMessageA
InSendMessage
IsIconic
DefDlgProcA
GetTitleBarInfo
DrawTextExW
CloseClipboard
CharLowerA

gdi32

CopyMetaFileW
SelectObject
Rectangle

comdlg32

ChooseColorW
GetFileTitleW
GetOpenFileNameA
PrintDlgW

advapi32

ImpersonateLoggedOnUser
RevertToSelf
DestroyPrivateObjectSecurity
OpenEventLogW
CopySid
AddAce
SetPrivateObjectSecurity
GetSidIdentifierAuthority
OpenServiceW
CryptSetProvParam
GetExplicitEntriesFromAclW
LookupAccountNameW
RegOpenKeyExA
SetEntriesInAclW
GetSecurityDescriptorOwner
RegSetValueExA
SetTokenInformation
StartServiceCtrlDispatcherA
ImpersonateSelf
EnumDependentServicesW
RegQueryInfoKeyA
CryptGetUserKey
CryptVerifySignatureA
CryptAcquireContextW
RegQueryInfoKeyW
GetServiceDisplayNameW
LogonUserA
GetAce
SetNamedSecurityInfoW
BuildTrusteeWithSidW
RegCreateKeyA
RegOpenKeyW
GetFileSecurityW
SetFileSecurityA
GetAclInformation
LookupPrivilegeDisplayNameA
NotifyChangeEventLog
ObjectDeleteAuditAlarmW
IsValidSecurityDescriptor
SetSecurityDescriptorDacl
AbortSystemShutdownA
EnumDependentServicesA

shell32

SHAddToRecentDocs
SHGetSpecialFolderPathA
ExtractIconExW

ole32

CoFreeUnusedLibraries
OleSetContainedObject
CoQueryProxyBlanket
CoMarshalInterface
CoGetObject
ReadFmtUserTypeStg
OleBuildVersion
ReadClassStm

oleaut32

VariantCopy
SafeArrayPutElement

shlwapi

StrStrIA
PathRemoveBackslashW
PathIsRootA
PathRemoveExtensionW
SHGetValueW
wnsprintfW
StrFormatByteSizeA
SHOpenRegStream2W
SHRegGetBoolUSValueW
SHRegWriteUSValueW
StrStrA
StrCmpNIA
SHDeleteValueW
PathStripToRootA
UrlIsW
PathStripPathA
StrChrIW
UrlGetPartA
PathIsDirectoryW

Sections

wikgy
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

oiuiwyy
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ocyam
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

swoiiw
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24d25f8eed7b6d95c5732237a07e22b6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

wikgy Size: 2KB - Virtual size: 2KB

oiuiwyy Size: 5KB - Virtual size: 4KB

ocyam Size: 275KB - Virtual size: 274KB

swoiiw Size: 32KB - Virtual size: 31KB

wikgy
Size: 2KB - Virtual size: 2KB

oiuiwyy
Size: 5KB - Virtual size: 4KB

ocyam
Size: 275KB - Virtual size: 274KB

swoiiw
Size: 32KB - Virtual size: 31KB