Static task: static1
Behavioral task: behavioral1
Sample: 2aaa2ea604446e55c314c2dc811ec2e6_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2aaa2ea604446e55c314c2dc811ec2e6_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2aaa2ea604446e55c314c2dc811ec2e6_JaffaCakes118
Size: 320KB
MD5: 2aaa2ea604446e55c314c2dc811ec2e6
SHA1: 5c2fe860d36b8b939109222107a933179ed8c62e
SHA256: 0e12851a93267a3ce062815fe40298e1c3d2f5de55da4fded4b50f7d5bca180d
SHA512: ae69fd3355853a1dba08510b395fc63f59680883e303f124a48973bd3aa49266c04fb8c0901e9784a3b037bd72bdd45b5c306d0244818fd7d4186289c2d21687
SSDEEP: 6144:+HshV5XVrVOUmC9VBk4/fQwgYynxTcomIZVO17rlF3KahEeq6m26qnqT4D:V/rNDk4/fQwgpxztV4FFayq6m2SkD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2aaa2ea604446e55c314c2dc811ec2e6_JaffaCakes118
Files
2aaa2ea604446e55c314c2dc811ec2e6_JaffaCakes118.exe windows:4 windows x86 arch:x86
f5358ee4a54dcb96656b14753d94d88a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetNamedPipeHandleState
CreateEventW
AddAtomW
BackupWrite
TlsSetValue
LoadResource
VirtualProtect
GetCommandLineW
LocalFileTimeToFileTime
LocalReAlloc
SetCommMask
CreateProcessA
SetStdHandle
GetWindowsDirectoryW
GetFileInformationByHandle
FatalAppExitA
GetShortPathNameA
ResumeThread
GlobalAlloc
CreateWaitableTimerA
GetThreadPriority
SetThreadPriorityBoost
ConvertThreadToFiber
GetTapePosition
DeleteCriticalSection
SwitchToThread
IsBadReadPtr
SetEnvironmentVariableW
CompareStringW
ExitThread
DefineDosDeviceW
GetCurrentDirectoryA
FreeEnvironmentStringsW
IsValidCodePage
GetProfileIntA
SetEvent
SizeofResource
CreateIoCompletionPort
GetPrivateProfileSectionNamesA
CreateFileMappingW
AreFileApisANSI
OpenEventW
IsDBCSLeadByte
GetCommandLineA
GetVersionExA
lstrlenA
FormatMessageA
ExitProcess
user32
UnhookWindowsHook
SetForegroundWindow
SetThreadDesktop
CopyAcceleratorTableW
GetUserObjectSecurity
LoadKeyboardLayoutW
CharNextExA
IsCharUpperW
GetClassInfoExA
MapWindowPoints
GetMenuItemID
ScreenToClient
IsCharUpperA
LoadStringA
GetClassInfoExW
CreateIcon
RemovePropA
GetClipboardSequenceNumber
DefMDIChildProcA
OemToCharBuffW
FrameRect
MonitorFromPoint
TileWindows
wvsprintfA
SetPropA
CopyAcceleratorTableA
ArrangeIconicWindows
EnumDisplayDevicesW
BroadcastSystemMessageW
gdi32
InvertRgn
LineDDA
SetBitmapDimensionEx
SetPixelFormat
GetGlyphOutlineW
CombineRgn
GetViewportExtEx
ArcTo
GetWindowOrgEx
GetViewportOrgEx
StartDocW
comdlg32
GetFileTitleA
PrintDlgA
ReplaceTextA
advapi32
GetNamedSecurityInfoW
GetServiceDisplayNameA
SetThreadToken
LookupAccountNameW
AdjustTokenPrivileges
RegQueryValueW
CryptSetHashParam
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
IsValidSecurityDescriptor
RegQueryInfoKeyW
FreeSid
GetUserNameW
GetSecurityDescriptorSacl
GetFileSecurityA
RegDeleteValueW
StartServiceW
EnumServicesStatusW
AccessCheckAndAuditAlarmA
RegFlushKey
RegCloseKey
BuildTrusteeWithNameW
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
InitializeSecurityDescriptor
CryptGenKey
ole32
BindMoniker
ProgIDFromCLSID
CoRegisterClassObject
CreateItemMoniker
CoIsOle1Class
StgIsStorageFile
WriteFmtUserTypeStg
OleNoteObjectVisible
CoGetObject
comctl32
ImageList_Merge
shlwapi
PathIsRootW
StrStrW
StrDupW
PathIsRelativeW
StrCmpNIA
PathRelativePathToW
setupapi
SetupLogErrorA
Sections
.text Size: 284KB - Virtual size: 280KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE