318b8bdd1728c37bd826641ec7f75271_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

318b8bdd1728c37bd826641ec7f75271_JaffaCakes118
Size

346KB
MD5

318b8bdd1728c37bd826641ec7f75271
SHA1

fe52d93e3565ffb809831f3b54e6e93a5105343e
SHA256

e49f90a57dbf840837a3268ac8c50a894b90e626ef657026c1bcfa8155dee55d
SHA512

1c0851d506aebfd5dfab53862a3d793fa1f4ee3015bd8faaf8875ec6f58da3bab5c8874257a57ce8fbf5337ce2f21232283d4bde8a5c3a44b2783e5b913c07e8
SSDEEP

6144:FiUEJZnkfvDnzBvLjuWErWkWegKC+rJyqsupOiWgYCTSjvtql:Fm7kfvDzBzKWEhi+oq0tlFql

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
318b8bdd1728c37bd826641ec7f75271_JaffaCakes118

Files

318b8bdd1728c37bd826641ec7f75271_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b1fa72d5b222b992bdbe3952e3296d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetVersionExA
GetProcessWorkingSetSize
SetDefaultCommConfigW
EnumDateFormatsA
GetConsoleCursorInfo
GetThreadLocale
VerLanguageNameA
ReadFileEx
FindResourceA
VirtualQueryEx
VirtualFreeEx
LCMapStringW
MoveFileExW
SetThreadIdealProcessor
OpenWaitableTimerW
_lwrite
LocalReAlloc
Heap32ListFirst
InterlockedExchange
SetHandleCount
GetModuleFileNameW
SetCommMask
GetFileType
CreateMutexW
lstrcmpA
GetPrivateProfileSectionNamesW
GetStartupInfoA
GetBinaryTypeA
GetDefaultCommConfigW
CopyFileW
GetProcessVersion
GetLongPathNameW
SetConsoleTitleA
VirtualUnlock
Heap32ListNext
SetLocaleInfoA
VirtualLock
FoldStringW
GetLogicalDriveStringsW

user32

CharLowerBuffA
GetSysColor
ToUnicode
DeferWindowPos
ReleaseCapture
SetDlgItemTextA
EnableMenuItem
MenuItemFromPoint
LoadCursorW
GetTabbedTextExtentA
DefFrameProcW
AppendMenuA
GetDC
SetWindowRgn
GetKeyboardLayoutNameA
SetClipboardData
SetRect
DestroyCaret
GetInputState
GetClipboardFormatNameA
RegisterWindowMessageW
LoadIconA
GetUserObjectInformationA
IsCharUpperW
DefFrameProcA
SetDlgItemInt
LoadStringA
KillTimer
SetLastErrorEx
InvalidateRgn
SetDlgItemTextW
IsCharAlphaW
MessageBeep
GetMenuCheckMarkDimensions
DefWindowProcA

gdi32

GetTextColor
CreatePolyPolygonRgn
CreateRoundRectRgn
CreateCompatibleDC
GetTextMetricsW
GetNearestColor
GetLogColorSpaceA
ArcTo
AddFontResourceA
GetViewportExtEx
UpdateColors
SetSystemPaletteUse
SetROP2
Rectangle
EndDoc
SetMapMode
GetGlyphOutlineW
SetWindowOrgEx
SetBoundsRect
GetTextExtentPoint32W

comdlg32

GetFileTitleW

advapi32

RegDeleteKeyA
IsTextUnicode
CryptDestroyKey
BuildExplicitAccessWithNameA
GetAuditedPermissionsFromAclA
GetNumberOfEventLogRecords
DeleteAce
ReadEventLogA
CryptVerifySignatureA
CryptSetProviderW
GetSecurityDescriptorSacl
CryptHashData
SetEntriesInAclA
BuildImpersonateTrusteeA
GetNamedSecurityInfoW
QueryServiceConfigW
ImpersonateSelf
LookupPrivilegeDisplayNameW
BuildImpersonateExplicitAccessWithNameW
RegSetValueExW
LookupSecurityDescriptorPartsW

shell32

DragAcceptFiles
ShellExecuteExA
SHGetSpecialFolderPathW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 279KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

l.qdpab7
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5k2h8n77
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b1fa72d5b222b992bdbe3952e3296d4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 279KB - Virtual size: 280KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 13KB - Virtual size: 16KB

l.qdpab7 Size: 44KB - Virtual size: 48KB

5k2h8n77 Size: 4KB - Virtual size: 4KB

.text
Size: 279KB - Virtual size: 280KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 13KB - Virtual size: 16KB

l.qdpab7
Size: 44KB - Virtual size: 48KB

5k2h8n77
Size: 4KB - Virtual size: 4KB