Static task
static1
Behavioral task
behavioral1
Sample
2aa27fe1747220a151061100bcfe9e79_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2aa27fe1747220a151061100bcfe9e79_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
2aa27fe1747220a151061100bcfe9e79_JaffaCakes118
Size
252KB
MD5
2aa27fe1747220a151061100bcfe9e79
SHA1
46758a0354acecd475e691705dddbd9582afd181
SHA256
103ddc31c088344b092bdce3126785499adfdeb73dd527d644fd1bd6d0a7b57e
SHA512
63f49d0894627f80991a307db0fcd68e2ef390849060be2cf2504817114295a6a24eacf1aab8c0b9cc0288f0fb03d4816e62517a91b5718dd5e7ae0bbf9b5eaa
SSDEEP
6144:rpFuuhg4cDpr+X6qGX7tNN4YATw4JAn4PZ7:rpIOcDpr+ZGX7x4VTweA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2aa27fe1747220a151061100bcfe9e79_JaffaCakes118
Files
2aa27fe1747220a151061100bcfe9e79_JaffaCakes118.exe windows:4 windows x86 arch:x86
881949e168fc949a0bb2bc177c23f457
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DosDateTimeToFileTime
GetEnvironmentVariableW
GetDateFormatA
GetTapeParameters
QueryDosDeviceW
RemoveDirectoryW
PeekConsoleInputW
SetSystemTime
SetErrorMode
LocalLock
_lclose
GetSystemDefaultLangID
SetCommMask
ReleaseSemaphore
SetEnvironmentVariableA
GetCPInfo
CreatePipe
SetConsoleOutputCP
SetFileTime
GetModuleFileNameW
WritePrivateProfileSectionA
SizeofResource
GetThreadContext
SetVolumeLabelA
SetStdHandle
GetFileAttributesA
MoveFileW
ClearCommBreak
FreeResource
_lopen
GetStringTypeExW
CancelIo
LoadResource
EnumDateFormatsW
DebugBreak
CreateDirectoryExA
SetHandleCount
GetDriveTypeA
GetConsoleCursorInfo
FindNextChangeNotification
ExitThread
FreeLibrary
RemoveDirectoryA
CreateFileW
CreateMutexA
IsValidLocale
ScrollConsoleScreenBufferA
SuspendThread
GetSystemDirectoryW
FreeEnvironmentStringsA
GetCompressedFileSizeW
GetTimeZoneInformation
GetFileAttributesExA
EnumSystemCodePagesW
GetNumberFormatW
GetComputerNameW
SetupComm
GetFileType
Beep
CreateEventA
GetTempFileNameA
EnumCalendarInfoA
SetConsoleCursorPosition
GetACP
VirtualProtect
GlobalReAlloc
GetLocaleInfoW
CloseHandle
ReadConsoleInputW
GetShortPathNameW
EnumResourceLanguagesW
GetSystemTimeAsFileTime
GetCurrentProcessId
IsBadStringPtrA
EnumSystemCodePagesA
PrepareTape
SetThreadPriorityBoost
IsBadReadPtr
SetCurrentDirectoryA
FindCloseChangeNotification
AllocConsole
SetFileAttributesA
WritePrivateProfileSectionW
GlobalUnlock
GlobalFindAtomW
GlobalFindAtomA
GetWindowsDirectoryA
CreateWaitableTimerA
TlsGetValue
GetCommandLineA
GetVersionExA
lstrlenA
VirtualAlloc
GetProcessTimes
ExitProcess
user32
CheckRadioButton
FlashWindowEx
SetCursorPos
MessageBeep
GetClipboardOwner
CreateWindowExA
WaitForInputIdle
SetWindowTextA
EnumDisplaySettingsExA
SendNotifyMessageA
GetMessageExtraInfo
IsRectEmpty
FindWindowA
LoadMenuW
CreateWindowExW
CreateCaret
SetProcessWindowStation
ScrollWindowEx
EnumDisplaySettingsW
SetClipboardData
DispatchMessageA
ToUnicode
PeekMessageA
CreateIcon
GetCaretPos
EndMenu
IsDialogMessageA
GetWindowRgn
GetIconInfo
ClientToScreen
SendMessageA
CountClipboardFormats
GetCaretBlinkTime
GetMenuCheckMarkDimensions
LoadKeyboardLayoutA
RegisterClassA
InsertMenuItemW
LoadCursorFromFileW
gdi32
CreatePatternBrush
SetArcDirection
AbortDoc
comdlg32
CommDlgExtendedError
PageSetupDlgW
ChooseFontA
advapi32
GetSecurityDescriptorLength
RegCreateKeyA
GetAce
RegEnumKeyExW
ObjectCloseAuditAlarmW
CryptEncrypt
RegOpenKeyExA
CryptGetHashParam
CreatePrivateObjectSecurity
GetSecurityDescriptorDacl
ReportEventA
AccessCheckAndAuditAlarmA
CryptGetUserKey
LookupPrivilegeDisplayNameA
GetFileSecurityW
RegRestoreKeyW
GetServiceDisplayNameW
AddAce
RegQueryValueW
AccessCheck
CloseServiceHandle
RegisterEventSourceA
CryptSetKeyParam
RegSaveKeyW
RegLoadKeyA
ole32
CoLockObjectExternal
CoDisconnectObject
CoFreeAllLibraries
ReadFmtUserTypeStg
CoRegisterClassObject
CoUninitialize
CoReleaseServerProcess
OleCreateMenuDescriptor
oleaut32
SysStringLen
SafeArrayPutElement
VariantCopy
QueryPathOfRegTypeLi
LoadTypeLibEx
SafeArrayCreate
SafeArrayRedim
shlwapi
StrCmpNW
PathSkipRootW
PathIsUNCW
PathCanonicalizeW
StrFormatKBSizeW
UrlIsW
UrlApplySchemeW
PathIsDirectoryA
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 232KB - Virtual size: 229KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE