305a5721847a16563c704fc2db6f94f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

305a5721847a16563c704fc2db6f94f0_JaffaCakes118
Size

253KB
MD5

305a5721847a16563c704fc2db6f94f0
SHA1

46c10f619ca7bf33307c78ba515cdc66414e8881
SHA256

1f2e743f5fa423d938643fb47d25c74527bd09fbf86fef8f4cd1ab0f4f64a3c3
SHA512

d049e04a879838478f7268ac3283369d0fd4165591cedb5560a5501fab9d187bcbe1f284440e8ffe37a09e5add1f40d4180ac45dd620a0ebe4d1cff52432b4dc
SSDEEP

6144:vjstjLqoNwZisQaw/UqGbe7Mu1kuGBRNgNdd9HrM2D:vjsV/N5/syMWGLNgNdb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
305a5721847a16563c704fc2db6f94f0_JaffaCakes118

Files

305a5721847a16563c704fc2db6f94f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a813b48f504c3bc76afc62bf76ac700

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
SetErrorMode
GetLastError
MoveFileExW
OutputDebugStringW
GetFileType
GetStringTypeW
GetCurrentDirectoryW
CopyFileW
ResetEvent
GetPrivateProfileIntA
GetPrivateProfileSectionA
CreateTimerQueue
InterlockedDecrement
MulDiv
GetSystemTimeAsFileTime
FileTimeToDosDateTime
WaitForMultipleObjects
IsDBCSLeadByte
SetCurrentDirectoryW
CreateToolhelp32Snapshot
GetWindowsDirectoryA
lstrcpyA
GetOEMCP
OutputDebugStringA
IsBadCodePtr
OpenMutexW
GetACP
lstrcmpiA
IsProcessorFeaturePresent
GetOverlappedResult
InterlockedExchange
FindClose
SetStdHandle
IsValidLocale
GetStringTypeA
GetTickCount
GetUserDefaultLangID
SetFilePointer
CreateTimerQueueTimer
GetCPInfo
CreateNamedPipeA
DebugBreak
FormatMessageA
CreateFileMappingW
GetNumberFormatW
QueryDosDeviceA
QueryPerformanceCounter
SetEndOfFile
HeapAlloc
GetSystemDefaultLCID
GlobalUnlock
GetSystemDefaultUILanguage
TlsAlloc
GetThreadLocale
GetSystemInfo
FlushFileBuffers
GetThreadPriority
OpenMutexA
GetConsoleMode
GlobalDeleteAtom
EnumResourceNamesW
GetFileAttributesW
GetStartupInfoA
CreateFileA
FreeEnvironmentStringsW
GlobalGetAtomNameW
GetCurrentProcessId
GetPriorityClass
FindCloseChangeNotification
ReleaseSemaphore
LCMapStringW
LoadLibraryA
GetCurrentThread
GetFileTime
FindResourceExW
SetUnhandledExceptionFilter
GetFullPathNameA
LocalAlloc
OpenFile
ReadFile
SetWaitableTimer
GetFileSize
DeviceIoControl
GetTempPathA
GetProcAddress
GetModuleHandleA
CopyFileA
GetDiskFreeSpaceW
HeapCreate
GetFileAttributesA
VirtualAlloc

comdlg32

GetOpenFileNameA
ChooseColorA
GetFileTitleW

shell32

SHChangeNotify

ole32

OleRegGetMiscStatus
OleDuplicateData
StgCreateDocfile
OleLockRunning
OleRegEnumVerbs
CoReleaseMarshalData
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
OleCreateFromData
CreateILockBytesOnHGlobal
SetConvertStg
CoIsOle1Class

user32

DispatchMessageA
GetSysColorBrush
SetScrollRange
SetWindowTextA
SetClassLongW
GetClientRect
CharLowerBuffW
GetMessagePos
TrackPopupMenu
GetMenuItemID
SetMenuItemInfoA
FlashWindow
DialogBoxParamW
GetWindowTextW
GetScrollRange
SendNotifyMessageA
MessageBoxIndirectW
CreateDialogIndirectParamA
CharLowerW
DrawFocusRect
InvalidateRect
DestroyCaret
GetParent
GetClassInfoW
ClientToScreen
DdeAccessData
GetQueueStatus
BeginPaint
EndPaint

gdi32

GetBrushOrgEx
CreatePolygonRgn
SetBrushOrgEx
AddFontResourceExW
GetDCOrgEx
GetTextExtentPoint32A
GetEnhMetaFileHeader
GetCurrentPositionEx
GetTextExtentExPointW
EndPath
CreatePalette
AbortDoc

winspool.drv

ClosePrinter
DocumentPropertiesW
EnumPrintersA
DeletePortA

version

VerQueryValueA

oleaut32

GetActiveObject

shlwapi

PathStripPathW

advapi32

GetSidLengthRequired
CryptCreateHash
EqualSid
SetSecurityDescriptorControl
ChangeServiceConfig2W
CloseServiceHandle
LookupAccountSidA

comctl32

ImageList_GetBkColor
_TrackMouseEvent
CreateToolbarEx
ImageList_DragLeave
ImageList_GetDragImage

msvcrt

fread
realloc
_splitpath
_wtoi
iswspace
strchr
bsearch
_c_exit
_mbsrchr
localtime
_beginthreadex
toupper
time
_iob
wcscspn
calloc
_msize
isdigit
_stricmp
_wcsdup
_expand
wcsncmp
isspace
_wcsupr
towlower
strncpy
_CxxThrowException
wcsncpy
wcstol
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
strrchr
_XcptFilter
wcsrchr
_exit
_acmdln
exit
atof

Sections

.text
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a813b48f504c3bc76afc62bf76ac700

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

ole32

user32

gdi32

winspool.drv

version

oleaut32

shlwapi

advapi32

comctl32

msvcrt

Sections

.text Size: 214KB - Virtual size: 214KB

.data Size: 32KB - Virtual size: 31KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 214KB - Virtual size: 214KB

.data
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 6KB - Virtual size: 5KB