31261a47938de2de958ecd6f40c0646f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31261a47938de2de958ecd6f40c0646f_JaffaCakes118
Size

356KB
MD5

31261a47938de2de958ecd6f40c0646f
SHA1

342c6b80cabd2f063d09b0dfe1efd6f40692817b
SHA256

bd82986d55c454757023929e0d7dbf0670090cee1004bac15d8c99da9d2aade1
SHA512

e0221a3baf96eb79d3bc003963f65b166f238cb240014c55fe836a0fe9e3172270505d33d56fc07a905d8f2c9f4dd3520b9aa3c625979b86a83c9845dd042304
SSDEEP

6144:X0EJ1nIvWId04QXGQOJVIvzBWurIvzscI0:fJlId01TOJVIvzAu7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31261a47938de2de958ecd6f40c0646f_JaffaCakes118

Files

31261a47938de2de958ecd6f40c0646f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c740e30b13ed2db64e0c3099e5eb7a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
SHDeleteValueA
SHDeleteKeyA
SHGetValueA
wnsprintfA
SHSetValueA
PathAppendA

kernel32

GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleTitleA
AllocConsole
GetTickCount
InterlockedDecrement
lstrlenA
MoveFileA
InterlockedIncrement
DebugBreak
OutputDebugStringA
GetTempPathA
RemoveDirectoryA
CreateDirectoryA
CopyFileA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetTempFileNameA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
VirtualFree
CloseHandle
VirtualAlloc
SetFilePointer
ReadFile
GetFileSize
CreateFileA
WriteFile
IsBadReadPtr
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
DeviceIoControl
GetVersionExA
FreeLibrary
Sleep
GetFileAttributesExA
SetConsoleScreenBufferSize
TerminateProcess
GetDriveTypeA
GetLogicalDrives
SizeofResource
LockResource
LoadResource
FindResourceA
WaitForSingleObject
CreateProcessA
OpenMutexA
GetCommandLineA
FreeResource
WritePrivateProfileStringA
CreateThread
LoadLibraryW
MultiByteToWideChar
GetExitCodeProcess
IsBadCodePtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
GetConsoleWindow
FreeConsole
GetModuleFileNameA
LoadLibraryA
GetProcAddress
ExpandEnvironmentStringsA
GetWindowsDirectoryA
GetSystemDirectoryA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
SetFileAttributesA
MoveFileExA
GetFileAttributesA
GetLastError
LocalFree
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
IsBadWritePtr
HeapReAlloc
HeapCreate
GetCurrentProcess
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
SetHandleCount
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
SetLastError
TlsAlloc
GetVersion
GetStartupInfoA
GetModuleHandleA
TlsGetValue
RtlUnwind
SetStdHandle
GetFileType
ExitProcess
HeapFree
HeapAlloc
TlsSetValue

user32

CharNextA
LoadStringA
ExitWindowsEx
DefWindowProcA
DestroyWindow
SetActiveWindow
MessageBoxA
wvsprintfA

advapi32

GetExplicitEntriesFromAclA
QueryServiceStatus
StartServiceA
CreateServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegFlushKey
RegEnumKeyA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegCloseKey
GetUserNameA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
DeleteAce

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoUninitialize
CoInitialize

comctl32

InitCommonControlsEx

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

urlmon

URLDownloadToFileA

netapi32

Netbios

wininet

InternetConnectA
HttpSendRequestA
InternetCloseHandle
HttpOpenRequestA
InternetOpenA

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c740e30b13ed2db64e0c3099e5eb7a3

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

comctl32

version

urlmon

netapi32

wininet

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 29KB

.rsrc Size: 252KB - Virtual size: 248KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 29KB

.rsrc
Size: 252KB - Virtual size: 248KB