2aa13eb8034e9caf09153735edc3b07e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2aa13eb8034e9caf09153735edc3b07e_JaffaCakes118
Size

369KB
MD5

2aa13eb8034e9caf09153735edc3b07e
SHA1

f0eabd9b298d45f04b45044da0f016d21623ef18
SHA256

0b15d00c9723c58c95921befaa88714b3b689424f057deddbd65c9ae31889837
SHA512

27c315729d0735c5b2896a912d6a58dfec2859abcd2bb7370f1f259c1074adf0523d3bcddf8b1a64c60bf15ed0563c710692eb66048c9eb14b5efa4678b39cbe
SSDEEP

6144:hETYvOAgS5dyhhCN3z3YKrQu+EiNMaw0b/i1QALKhViNkE4pDz/j5Jd/IKqQlDgc:eYvtV5Pc9NMawKiPLOlE4pvjdu0gWK0N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aa13eb8034e9caf09153735edc3b07e_JaffaCakes118

Files

2aa13eb8034e9caf09153735edc3b07e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc54f913b81593dfd0c184d8ca4cba04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EscapeCommFunction
QueueUserAPC
ConnectNamedPipe
PulseEvent
LockResource
VirtualUnlock
GetPrivateProfileStringW
GetCurrentDirectoryA
FindFirstChangeNotificationA
GetSystemDirectoryA
ResumeThread
GetConsoleCursorInfo
GetTickCount
GetSystemDefaultLangID
SwitchToFiber
DosDateTimeToFileTime
GetNumberFormatW
InterlockedExchangeAdd
FindFirstFileW
GlobalUnlock
WriteConsoleInputA
FindNextChangeNotification
SetCurrentDirectoryW
GetOEMCP
GetStringTypeW
HeapReAlloc
GetThreadLocale
DeleteFileW
HeapFree
FreeLibrary
lstrlenA
CreateDirectoryA
GetDateFormatW
ReadConsoleA
GetLocalTime
PeekNamedPipe
SetVolumeLabelA
GetModuleHandleW
LockFileEx
InterlockedIncrement
GetFileSize
GetProfileIntW
GetProcAddress
SetConsoleTitleA
GetThreadContext
GetTapeParameters
SetConsoleOutputCP
GetHandleInformation
SizeofResource
_lclose
FindAtomW
MoveFileW
FindResourceA
OpenProcess
DefineDosDeviceW
GetStringTypeExA
FileTimeToSystemTime
GetTempFileNameA
WriteConsoleOutputAttribute
LoadLibraryExA
SetThreadIdealProcessor
CopyFileExW
GetFileAttributesA
GlobalFindAtomW
DeleteAtom
GetWindowsDirectoryA
CreateIoCompletionPort
GetVersionExA
GetModuleHandleA
CreateNamedPipeW
WritePrivateProfileStructA
FindFirstFileA
TlsSetValue
VirtualFree
ReadConsoleOutputA
IsBadReadPtr
SearchPathA
GetStartupInfoA
SetConsoleScreenBufferSize
LoadResource
OpenSemaphoreW
GetStringTypeA
FlushInstructionCache
GetExitCodeThread
GetProcessAffinityMask
GetFileInformationByHandle
GetSystemTimeAdjustment
VirtualQuery
VirtualProtect

user32

GetWindowThreadProcessId
MonitorFromPoint
HiliteMenuItem
ValidateRect
IsWindowEnabled
CreateWindowStationW
SetMessageQueue
GetClassLongA
UnhookWindowsHook
TileWindows
SetMenuInfo
CreateIconIndirect
UnregisterClassW
SetTimer
GetClassInfoW
GetTopWindow
EqualRect
EnumDesktopsA
SetWindowLongW
IsCharAlphaA
MessageBoxW
GetClassNameA
DialogBoxIndirectParamW
GetPropW
SystemParametersInfoW
GetWindow
DrawEdge
UnionRect
GetCapture
SwitchToThisWindow
TranslateAcceleratorW
ChangeMenuW
WinHelpW
ModifyMenuW
GetMonitorInfoA
SetClassLongW
SetWindowRgn
DrawCaption

gdi32

Chord

advapi32

GetSecurityDescriptorSacl
RevertToSelf
CryptSignHashW
InitiateSystemShutdownW
RegSaveKeyW
InitializeAcl
SetPrivateObjectSecurity
RegQueryValueA
RegCreateKeyA
CreateServiceW
GetSecurityInfo
AccessCheck
CryptGetHashParam

shell32

ExtractIconA
DragFinish
CommandLineToArgvW
SHBrowseForFolderW

ole32

OleCreate
RevokeDragDrop
OleRegEnumVerbs
CoReleaseMarshalData
OleConvertOLESTREAMToIStorage

oleaut32

VariantChangeTypeEx
SafeArrayAccessData
SafeArrayRedim
SysAllocString
SafeArrayGetUBound
LoadTypeLibEx
GetErrorInfo
SafeArrayGetElement

comctl32

ImageList_Create
CreatePropertySheetPageW

shlwapi

UrlCombineW
PathCompactPathW
StrDupW
SHDeleteValueW
PathIsFileSpecW

setupapi

SetupDiClassGuidsFromNameExA
SetupInstallServicesFromInfSectionA
SetupOpenLog
SetupDiOpenDeviceInterfaceW

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_controlfp
_except_handler3

Sections

.text
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dc54f913b81593dfd0c184d8ca4cba04

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

msvcrt

Sections

.text Size: 260KB - Virtual size: 258KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 97KB - Virtual size: 97KB

.text
Size: 260KB - Virtual size: 258KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 97KB - Virtual size: 97KB