2caedf44644c0297cf4597c28e1d7b27_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2caedf44644c0297cf4597c28e1d7b27_JaffaCakes118
Size

328KB
MD5

2caedf44644c0297cf4597c28e1d7b27
SHA1

1735095a034838de1a06431053879af3ced1a850
SHA256

8dd6f8fcc1c88f0a52bc633a098666dc0205a310ea7316521bf439d1c269fc61
SHA512

b7ed707389aee5150f6667ffe8b3c20d4db98c66aa598ecc2ff2e767b290a9418007a18913e55782631947aea51998e31d8b343b992d98ea5ef2b797616a377f
SSDEEP

6144:95inRBC9nZdRzc3K2mp8bmM566AmhHmQV:9SB2nZdSK2mWb66ZhG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2caedf44644c0297cf4597c28e1d7b27_JaffaCakes118

Files

2caedf44644c0297cf4597c28e1d7b27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30b2c61d42da40421a376eec3b2de56e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessWorkingSetSize
EndUpdateResourceA
GetSystemDefaultLangID
ScrollConsoleScreenBufferA
LoadLibraryExW
FindResourceExW
FindFirstFileA
VirtualAllocEx
SetEvent
ReadFileScatter
OpenMutexA
GetFileAttributesExA
CreateIoCompletionPort
GetVersion
lstrcmpiA
MoveFileW
CompareStringA
FatalAppExitA
GetConsoleMode
FindFirstFileW
GetThreadPriority
WritePrivateProfileSectionW
SetTimeZoneInformation
DeleteCriticalSection
GetShortPathNameA
FreeLibrary
SetMailslotInfo
GetVersionExA
GetPrivateProfileStringW
GetBinaryTypeW
GetCompressedFileSizeW
CreateEventA
GetProcessTimes
EnumSystemCodePagesA
GetCommModemStatus
GetModuleHandleA
LoadLibraryExA
MoveFileExA
GetStartupInfoA
AllocConsole
WriteProcessMemory
GetUserDefaultLCID
GetSystemDirectoryW
EnumCalendarInfoA
SetThreadLocale
PrepareTape
GetTapeStatus
GlobalFree
VirtualProtect
GetFullPathNameA
SetStdHandle
GetCurrentDirectoryW
WritePrivateProfileStructA
LocalFileTimeToFileTime
GlobalGetAtomNameW
SetConsoleActiveScreenBuffer
SetCurrentDirectoryA
RaiseException
GetCommandLineA
LocalAlloc
ExitProcess

user32

LoadMenuIndirectW
DestroyIcon
SetCapture
GetWindowRect
GetProcessDefaultLayout
RegisterWindowMessageW
DialogBoxIndirectParamW
SetWindowsHookW
MessageBoxIndirectW
SetScrollPos
GetWindowTextA
RegisterClassExW
SystemParametersInfoW
FindWindowW
GetMenuStringA
SetDlgItemTextW
DrawFocusRect
SetMenuItemBitmaps
GetMenuItemInfoW
CloseWindow
SubtractRect
AdjustWindowRect
GetPropW
TranslateMessage
GetAncestor
PostMessageW
GetMessageExtraInfo
ClientToScreen
GetPropA
UnregisterClassA
TranslateAcceleratorA
GetCursorPos
CheckMenuItem
DefWindowProcA
CreateMenu
CharUpperW
CreatePopupMenu
SendMessageA
HiliteMenuItem
GetScrollPos
EnumDesktopsA
ChangeMenuA
FlashWindowEx
LoadCursorFromFileW
GetCaretBlinkTime
GetDialogBaseUnits
SetActiveWindow
IsWindowVisible
GetWindowTextLengthW
GetShellWindow
TabbedTextOutW

gdi32

CreateCompatibleBitmap
PathToRegion
CreateHalftonePalette
EnumObjects
CreateMetaFileA
GetWindowOrgEx
GetViewportOrgEx
SetWindowExtEx
GetSystemPaletteUse
Polyline

advapi32

GetSecurityInfo
SetEntriesInAclW
AccessCheckAndAuditAlarmW
BuildSecurityDescriptorW
OpenEventLogW
CryptSetKeyParam
CloseServiceHandle
RegConnectRegistryW
SetKernelObjectSecurity
RegRestoreKeyW
RegisterEventSourceW
RegEnumKeyExA
RegQueryValueW
FreeSid
CryptReleaseContext
RegOpenKeyExW
RegQueryValueExA
CryptGetHashParam
OpenProcessToken
SetSecurityInfo
RegisterEventSourceA

shell32

ShellExecuteA
SHGetDesktopFolder
SHAddToRecentDocs
SHGetSpecialFolderPathW
FindExecutableA

ole32

CoGetClassObject
CoFileTimeNow
CoLockObjectExternal
OleLockRunning
CoDisconnectObject
CoGetInterfaceAndReleaseStream

oleaut32

SafeArrayGetElement
LoadTypeLi
SafeArrayPutElement
SysStringLen

shlwapi

StrCmpIW
PathFileExistsW
StrRetToBufW
SHDeleteValueW
PathAddBackslashA
PathUndecorateW
StrRChrA
PathRenameExtensionW
PathStripToRootW
SHSetValueW
PathAppendW
wnsprintfA
SHCreateStreamOnFileW
PathGetArgsW
PathGetDriveNumberW
SHRegGetBoolUSValueA
SHOpenRegStream2W

setupapi

SetupDiCallClassInstaller
SetupCloseInfFile
SetupGetInfFileListA
SetupScanFileQueueW
SetupDiGetClassDescriptionExA
SetupDiGetClassDevsExA
SetupDiClassNameFromGuidW
SetupOpenLog

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30b2c61d42da40421a376eec3b2de56e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 300KB - Virtual size: 298KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 13KB

.text
Size: 300KB - Virtual size: 298KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 13KB