2aee53c71520ab687a0470b2f7647d42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2aee53c71520ab687a0470b2f7647d42_JaffaCakes118
Size

296KB
MD5

2aee53c71520ab687a0470b2f7647d42
SHA1

bcaafe5e1f010cdf837ad1c086cc938244ebb49a
SHA256

ece441a65824628c34932524699554092a17f0db3cf87548d1b7875e660896ea
SHA512

4c25dbcc72d42c17f235cff4baecb5931efc39a14aefd74b200565c2cefa35ead636a1992aa83d45450c771ef87f47b26602ef941d5573d901bd393443014764
SSDEEP

6144:mMofUE1HKQb1+Jr3yNYRmGbBtjuYsd3dzZyW8uozdIQo5JST403:mMofV1KQbAJr3yEfaYsdtzZyW8ue1o58

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aee53c71520ab687a0470b2f7647d42_JaffaCakes118

Files

2aee53c71520ab687a0470b2f7647d42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a0984378d8dc004b0eec25ce53e2adf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
ReadConsoleA
IsDBCSLeadByteEx
GetVolumeInformationW
GetSystemTime
FindResourceExW
WriteConsoleOutputCharacterA
OutputDebugStringW
CreatePipe
SetErrorMode
CreateProcessA
LCMapStringA
GetDriveTypeW
FindNextChangeNotification
FindFirstFileW
ReadFileScatter
EnumSystemCodePagesW
CancelIo
SetMailslotInfo
_lopen
SetEndOfFile
GlobalAddAtomW
GetEnvironmentStringsW
LeaveCriticalSection
FindCloseChangeNotification
CompareStringA
GetThreadContext
ReadConsoleInputW
SetEnvironmentVariableW
SuspendThread
PeekConsoleInputW
GetProcessTimes
GetHandleInformation
SetCurrentDirectoryA
GetComputerNameW
GetDriveTypeA
SizeofResource
WriteFile
ExitProcess
SetFileAttributesA
SystemTimeToFileTime
SetProcessAffinityMask
GlobalFlags
GlobalUnlock
SetTimeZoneInformation
lstrcmpiW
MoveFileExA
GetEnvironmentVariableW
GetShortPathNameA
GetProcessHeap
WriteProcessMemory
CloseHandle
MultiByteToWideChar
QueryDosDeviceW
GetCommState
GetSystemTimeAsFileTime
GetConsoleMode
EnumDateFormatsW
PrepareTape
GetCommandLineA
CreateMutexA
GetLongPathNameA
GetUserDefaultLangID
GetSystemDirectoryW
GetCurrentProcessId
LocalAlloc
SetProcessShutdownParameters
GetDateFormatA
FlushConsoleInputBuffer
PurgeComm
ReadDirectoryChangesW
_lclose
lstrcmpA
SetSystemTime
_llseek
SetConsoleMode
CreateDirectoryExA
FlushFileBuffers
SetConsoleOutputCP
EnumCalendarInfoA
SetVolumeLabelA
EraseTape
OpenSemaphoreW
EnumSystemCodePagesA
LoadLibraryExA
GetSystemDefaultLangID
SetConsoleTitleA
GetVersionExA
RaiseException
VirtualAlloc

user32

PostMessageW
OffsetRect
WindowFromPoint
CloseDesktop
GetAncestor
GetPropW
InsertMenuItemW
GetClipboardFormatNameW
MonitorFromPoint
CharLowerBuffW
InsertMenuItemA
GetFocus
GetWindowTextA
EnumDesktopWindows
SetProcessWindowStation
ChildWindowFromPointEx
EndPaint
GetWindowTextLengthW
CreateCaret
SetMenuItemInfoW
GetAsyncKeyState
CallNextHookEx
GetTabbedTextExtentA
LoadBitmapA
SendNotifyMessageW
InternalGetWindowText
DrawFrameControl
IsCharAlphaA
CreateMDIWindowW

gdi32

GetTextAlign
CloseFigure
EnumFontFamiliesA
EndPath
PolyDraw
SetArcDirection
SetMapMode
SetBrushOrgEx
ArcTo

comdlg32

ReplaceTextA
ChooseColorW

advapi32

RegCloseKey
LookupPrivilegeDisplayNameA
QueryServiceConfigW
RegDeleteKeyW
SetSecurityInfo
IsValidAcl
CryptGetProvParam
DeleteAce
RegSetKeySecurity
DestroyPrivateObjectSecurity
EqualSid
GetSidLengthRequired
SetServiceObjectSecurity
RegQueryValueExA
SetKernelObjectSecurity
OpenServiceW

shell32

SHFileOperationW
SHFileOperationA
FindExecutableW
ExtractIconExW
SHGetPathFromIDListA

oleaut32

VariantCopy
LoadTypeLibEx

comctl32

ImageList_DragLeave
ImageList_GetImageCount

shlwapi

StrToIntW
wvnsprintfW
PathFindNextComponentW
PathRemoveFileSpecW
StrCmpW
SHRegOpenUSKeyW
UrlGetPartW
PathRemoveFileSpecA
SHSetValueA
SHDeleteValueW
StrStrA
SHRegQueryUSValueW
SHCreateStreamOnFileW
SHRegGetUSValueW
PathCombineA

Sections

usyymy
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

uokauu
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

qgkmoem
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

moyeau
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a0984378d8dc004b0eec25ce53e2adf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

shlwapi

Sections

usyymy Size: 4KB - Virtual size: 3KB

uokauu Size: 8KB - Virtual size: 4KB

qgkmoem Size: 232KB - Virtual size: 229KB

moyeau Size: 48KB - Virtual size: 44KB

usyymy
Size: 4KB - Virtual size: 3KB

uokauu
Size: 8KB - Virtual size: 4KB

qgkmoem
Size: 232KB - Virtual size: 229KB

moyeau
Size: 48KB - Virtual size: 44KB