2c53fd2312b7ebea3f3c0eb6d8f2d789_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c53fd2312b7ebea3f3c0eb6d8f2d789_JaffaCakes118
Size

320KB
MD5

2c53fd2312b7ebea3f3c0eb6d8f2d789
SHA1

3a51bb0e89d023ee80fd6c17ce44854dd6b1cb47
SHA256

3fa4269ed7ae317317835e27b1d3d66b80a17510efeec1027da1aca930005ad1
SHA512

73a161a2bb3e0565eaf61d3aff02365818b7fea02ab0bc7922431a694a239bc3d684d2dd235f7a15b0149118aad3005ae8c3d89aac82deb7a448e9ee4e6cc85a
SSDEEP

6144:j60izDIjxITyTx8S0BHut35Dx8NFMstzkPTWxJg85aWcVGJ6P3hBUT848o:jJiHDyC8t3xx8NHzKMP5r+sUuTJ7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c53fd2312b7ebea3f3c0eb6d8f2d789_JaffaCakes118

Files

2c53fd2312b7ebea3f3c0eb6d8f2d789_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e04e522a97b689daa0e295fb806a5ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
ExitThread
EnumCalendarInfoA
TlsGetValue
SetProcessShutdownParameters
EnumDateFormatsW
GetSystemTime
GetCPInfo
WritePrivateProfileSectionW
LeaveCriticalSection
GetDiskFreeSpaceW
CreateDirectoryA
GetLogicalDriveStringsW
WriteConsoleOutputAttribute
TransactNamedPipe
SetVolumeLabelA
WriteFileEx
_lread
FindAtomA
GlobalAlloc
OpenMutexA
CreateRemoteThread
PulseEvent
VirtualLock
lstrcmpiW
InitializeCriticalSection
ScrollConsoleScreenBufferW
GetDateFormatW
GetNumberFormatW
InterlockedDecrement
GetPrivateProfileStringA
LocalReAlloc
FlushInstructionCache
ReadDirectoryChangesW
GetTimeZoneInformation
LCMapStringW
GetModuleFileNameA
BackupRead
WritePrivateProfileSectionA
CreateThread
LoadLibraryExW
GetEnvironmentVariableA
GetConsoleTitleW
LockResource
lstrcpynW
SetConsoleActiveScreenBuffer
GetCurrentDirectoryA
GetLargestConsoleWindowSize
WaitForMultipleObjectsEx
InterlockedIncrement
GetLocaleInfoA
ResetEvent
SwitchToThread
GetProfileStringA
GlobalSize
LockFileEx
ConnectNamedPipe
DeleteFiber
GetDiskFreeSpaceExA
AreFileApisANSI
LocalLock
SystemTimeToFileTime
GetProfileIntW
lstrlenA
SetConsoleWindowInfo
CallNamedPipeA
FreeResource
GetPrivateProfileSectionNamesA
IsBadCodePtr
EnumResourceTypesA
IsBadStringPtrW
GetCompressedFileSizeW
GetLongPathNameW
SetFileApisToOEM
GetACP
BeginUpdateResourceA
ReadConsoleOutputAttribute
GetDriveTypeA
SetHandleCount
GetVolumeInformationW
CreateMailslotW
FatalAppExitA
GetAtomNameA
GetStartupInfoA
GetProfileStringW
LockFile
CreateWaitableTimerW
InterlockedExchangeAdd
GetCompressedFileSizeA
CreateProcessW
DeviceIoControl
FileTimeToDosDateTime
WriteConsoleInputW
CompareStringA
SetConsoleTitleA
GetCommandLineA
GetVersionExA
VirtualProtect
GetModuleHandleW
ExitProcess

user32

SetUserObjectInformationW

gdi32

GdiFlush
ExtCreateRegion
EnumFontsW
CreatePolyPolygonRgn
GetPixelFormat
GetEnhMetaFileHeader

comdlg32

PrintDlgA

advapi32

QueryServiceStatus
LockServiceDatabase
LookupAccountSidW
BuildTrusteeWithNameW
SetServiceStatus
GetUserNameW
SetPrivateObjectSecurity
CryptGetUserKey
CryptReleaseContext
GetSidSubAuthorityCount
CreateProcessAsUserW
OpenSCManagerW
ChangeServiceConfigA
GetPrivateObjectSecurity
CryptDestroyKey
QueryServiceLockStatusW
EqualSid
RegOpenKeyA
AccessCheckAndAuditAlarmA
IsValidSid
OpenServiceW
EnumServicesStatusA
GetSecurityDescriptorSacl
InitializeAcl
RegisterServiceCtrlHandlerA
CloseEventLog
RegCloseKey
GetServiceKeyNameW
RegCreateKeyW
RegQueryValueA
BuildTrusteeWithSidW
RegLoadKeyW
SetEntriesInAclW

shell32

FindExecutableA
ShellAboutA
FindExecutableW
DragQueryFileA

ole32

CreateFileMoniker
CoInitializeSecurity
MkParseDisplayName
OleRun
CoSetProxyBlanket
OleSetMenuDescriptor
CoCreateFreeThreadedMarshaler
CoMarshalInterface

oleaut32

VariantCopyInd
SafeArrayCreateVector
SafeArrayCreate
DispGetIDsOfNames
SysAllocStringLen
SysStringLen
VariantChangeTypeEx
SafeArrayUnaccessData

comctl32

ImageList_Duplicate
ImageList_Merge

shlwapi

StrCatW
PathFindOnPathW
StrCmpNIW
StrToIntExW
PathGetDriveNumberA
StrStrIW
PathUnquoteSpacesW
StrCmpIW
StrChrA
StrCmpNW
StrDupA
StrCmpW
SHRegWriteUSValueW
SHSetThreadRef
SHCopyKeyA
SHRegQueryUSValueW

setupapi

SetupDiEnumDriverInfoW
SetupScanFileQueueW
SetupDiCreateDeviceInfoA

Sections

.text
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e04e522a97b689daa0e295fb806a5ef

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 288KB - Virtual size: 285KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 288KB - Virtual size: 285KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 16KB