2a70c4c5e87aa57454f653310ee63564_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a70c4c5e87aa57454f653310ee63564_JaffaCakes118
Size

300KB
MD5

2a70c4c5e87aa57454f653310ee63564
SHA1

f744c56b338974379b24513966655fad1c3221a8
SHA256

d51b733da83779d9323fab60c931af002b53e2d33d9eaa027aa3f554289ff8ed
SHA512

c69793562cf6c666ea855f4be68f5b00f4d88d8729efffea1efd698a9a6b2f3f57f392a07385e320ab58da3a59f1b9a55d7205fdcac9911c3fb7522dd1a9c590
SSDEEP

6144:Oi0HYdslV0geWV9YNYZmIQNLeMr27AvSixMTkDJUN:OzYdslKqVGcmIQNLeH7Av8T9N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a70c4c5e87aa57454f653310ee63564_JaffaCakes118

Files

2a70c4c5e87aa57454f653310ee63564_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5cf7ac6ed591b546a252339b5633a670

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessTimes
SetEvent
EndUpdateResourceA
GetFileType
PrepareTape
GetSystemDefaultLangID
WritePrivateProfileSectionA
EraseTape
LocalFileTimeToFileTime
FreeResource
ExitProcess
GetCommandLineA
ClearCommBreak
EnumDateFormatsW
LoadLibraryExW
GetStringTypeExW
LocalAlloc
GetCurrentProcessId
GlobalDeleteAtom
SetConsoleCursorPosition
GetProfileStringA
lstrlenA
VirtualProtect
GetVersionExA

user32

CharNextExA
DeleteMenu
ModifyMenuA
UnregisterClassW
GetIconInfo
GetMonitorInfoW
RemovePropW
EnumDisplaySettingsA
ChangeDisplaySettingsW
SetClipboardViewer
CopyAcceleratorTableA
CheckMenuItem
GetClipboardFormatNameA
ChangeMenuA
GetClientRect
ToAscii
CopyIcon
IsRectEmpty
GetClipCursor
GetCursor

gdi32

StretchBlt
SetMetaFileBitsEx
CreateCompatibleDC
GetTextExtentExPointW
CombineRgn
DPtoLP
SetBkColor
GetTextFaceA
CopyEnhMetaFileA

comdlg32

GetOpenFileNameA
PageSetupDlgW

advapi32

GetUserNameA
EnumDependentServicesA
RegOpenKeyExW
RegEnumKeyExW
AllocateAndInitializeSid
SetNamedSecurityInfoW
CryptReleaseContext
GetServiceKeyNameW
IsTextUnicode
CloseEventLog
RegSaveKeyA
InitializeAcl
GetFileSecurityW
PrivilegeCheck
SetServiceStatus
FreeSid
IsValidAcl
MapGenericMask
GetSecurityInfo
DuplicateToken
AddAce
ChangeServiceConfigA
RegDeleteValueA

ole32

RevokeDragDrop
OleConvertIStorageToOLESTREAM
OleFlushClipboard
CoTaskMemRealloc
GetClassFile
CoUninitialize
CoMarshalInterface
OleSetContainedObject
CoReleaseMarshalData

oleaut32

LoadTypeLi
SafeArrayUnaccessData
QueryPathOfRegTypeLi
SysStringLen
SafeArrayPutElement
SafeArrayCreate

shlwapi

PathIsRelativeA
PathStripPathW
SHGetValueW
UrlApplySchemeW
StrRetToStrW
StrStrIW
SHRegSetUSValueW
PathRelativePathToA
SHQueryValueExW
PathIsPrefixW
SHStrDupW
PathUnquoteSpacesW

setupapi

SetupFindFirstLineW
SetupDiCreateDeviceInfoA
SetupGetInfFileListA
SetupGetLineCountA
SetupDiGetClassDescriptionW
SetupDiRemoveDevice
SetupGetLineTextW
SetupScanFileQueueA
SetupOpenInfFileA
SetupDiGetDeviceInfoListDetailA
SetupLogErrorW
SetupDiSetDeviceInstallParamsA

Sections

.text
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5cf7ac6ed591b546a252339b5633a670

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 284KB - Virtual size: 281KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 5KB

.text
Size: 284KB - Virtual size: 281KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 5KB