Static task: static1
Behavioral task: behavioral1
Sample: 2a9f309bb5f2ba1b524729e65351ef80_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2a9f309bb5f2ba1b524729e65351ef80_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2a9f309bb5f2ba1b524729e65351ef80_JaffaCakes118
Size: 260KB
MD5: 2a9f309bb5f2ba1b524729e65351ef80
SHA1: 1c425a3843d47d51d64079397d31784521eac4e0
SHA256: 811924fd12a31cce442b8e18fe0a94cd8990d4c9cd5103423f0418a0e068000c
SHA512: 5bd49a88a2b315c4bb8e7ff37b7770f3c779154e4707b3059f5cc6f72f4434e34df2cb8b0e237d47eb43ff2ad2f0afa67212d012ef11d374068b33322c8c74a8
SSDEEP: 6144:fe5AU1S8AhQecjDjY93279PYxsv1dm85rcZ1+vfXdXh:m2UlAhQecXM9wQq1o8Bg1uPdXh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2a9f309bb5f2ba1b524729e65351ef80_JaffaCakes118
Files
2a9f309bb5f2ba1b524729e65351ef80_JaffaCakes118.exe windows:4 windows x86 arch:x86
d7ed94284d1d2aef124c7a66a3801d31
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
VirtualProtect
GetCurrentDirectoryW
GetFileAttributesA
LoadLibraryExA
SetCommMask
GlobalReAlloc
GetTickCount
WritePrivateProfileSectionA
SetEnvironmentVariableA
IsValidLocale
GetModuleHandleA
FindCloseChangeNotification
LocalSize
GlobalFlags
MoveFileW
GetPrivateProfileStringW
SetConsoleOutputCP
FreeResource
ExitThread
CreateDirectoryA
EnumResourceNamesW
CreateNamedPipeW
GetFileAttributesExA
SetCommTimeouts
GetHandleInformation
GetProfileStringA
WritePrivateProfileSectionW
VirtualQuery
lstrcpyA
WriteConsoleOutputCharacterA
GetDiskFreeSpaceW
GlobalDeleteAtom
CreateMutexW
lstrcpynA
GetTimeZoneInformation
GetSystemInfo
LCMapStringA
OpenSemaphoreW
ReadDirectoryChangesW
GetProfileIntA
ExpandEnvironmentStringsW
VirtualLock
WriteFile
GetSystemTime
GetPrivateProfileStringA
CreatePipe
CopyFileExW
FindFirstFileA
FormatMessageA
GetStartupInfoA
GetOEMCP
lstrlenA
VirtualAlloc
user32
IsCharAlphaNumericA
GetMenuItemInfoA
FlashWindowEx
GetMenu
LoadBitmapW
ChangeMenuA
CharNextW
SendMessageW
GetDlgCtrlID
CreateCursor
SetMenuDefaultItem
SetProcessWindowStation
WinHelpW
DrawIcon
DragDetect
SetKeyboardState
SetSysColors
EndPaint
GetCursorPos
MessageBoxIndirectW
FindWindowExW
UnhookWindowsHookEx
TranslateAcceleratorW
GetClipboardOwner
SetUserObjectSecurity
SendMessageCallbackW
ChangeMenuW
wvsprintfA
InsertMenuA
GetKeyboardLayoutNameW
IsMenu
GetWindowWord
GetWindow
IsCharLowerA
UnregisterClassA
FrameRect
GetScrollPos
OffsetRect
SetUserObjectInformationW
GetMenuInfo
LoadKeyboardLayoutW
GetUserObjectInformationA
GetInputState
ClientToScreen
IsCharUpperA
SetWindowTextW
OemToCharBuffA
KillTimer
CreateDesktopA
EnableMenuItem
GetPropW
LoadStringW
CountClipboardFormats
MapVirtualKeyExW
gdi32
LineDDA
SetBitmapBits
CreateMetaFileA
CreateFontA
StretchBlt
GetDeviceCaps
ExtTextOutW
FrameRgn
CreateFontW
GdiComment
CreateHatchBrush
GetROP2
DeleteObject
SetMapMode
SetBrushOrgEx
GetCharWidth32W
GetFontLanguageInfo
Ellipse
RectInRegion
ScaleWindowExtEx
GetPaletteEntries
comdlg32
ReplaceTextW
ChooseColorA
CommDlgExtendedError
FindTextW
advapi32
SetFileSecurityW
CryptReleaseContext
ImpersonateNamedPipeClient
RegEnumKeyW
LockServiceDatabase
RegEnumKeyExW
GetLengthSid
AccessCheckAndAuditAlarmA
RegEnumKeyA
AdjustTokenPrivileges
SetSecurityInfo
QueryServiceConfigW
AllocateLocallyUniqueId
ObjectDeleteAuditAlarmW
RegReplaceKeyW
RegQueryValueW
GetAclInformation
RegLoadKeyW
CreateProcessAsUserW
AccessCheckAndAuditAlarmW
GetPrivateObjectSecurity
CryptSetKeyParam
CreateServiceA
LookupPrivilegeValueW
GetSecurityDescriptorControl
RegCloseKey
RegUnLoadKeyW
EnumServicesStatusA
CryptVerifySignatureA
shell32
ShellExecuteA
SHGetSpecialFolderPathA
SHFileOperationA
ExtractIconExW
DragFinish
ole32
OleRegGetMiscStatus
OleSave
IIDFromString
oleaut32
LoadTypeLi
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayRedim
SafeArrayGetLBound
VariantChangeType
comctl32
ImageList_SetOverlayImage
ImageList_DragShowNolock
ImageList_SetBkColor
ImageList_DrawIndirect
shlwapi
PathRelativePathToA
PathIsDirectoryW
HashData
PathGetDriveNumberW
UrlApplySchemeW
PathCanonicalizeA
StrCpyW
SHDeleteKeyA
ChrCmpIW
msvcrt
__setusermatherr
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_initterm
_except_handler3
_controlfp
Sections
.text Size: 236KB - Virtual size: 233KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE