3290fc74c4d89656f3a2940c3432da93_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3290fc74c4d89656f3a2940c3432da93_JaffaCakes118
Size

668KB
MD5

3290fc74c4d89656f3a2940c3432da93
SHA1

5c532b8893164c3f9e813d62c7561026697746ae
SHA256

5d78ca17fa17136542b15c976ea794d58830bf8b796dd0b4e709021bce886d1c
SHA512

1ab29cfa2946a5d37b7e9aa8bebcd8798809215fc23d225e66a9c87661901460e160b098135e86db922276c8c42e8b44e09f658797dbf922a9c58abb86b7bc9d
SSDEEP

12288:AW22CBLafSeLLzCcj7d26OifbUA4Uf7kvXKI7LSRxShp4LVF4+4yoYjJ:AW7CBPeL/CcndDf4UfEKQ4u0nj4FY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3290fc74c4d89656f3a2940c3432da93_JaffaCakes118

Files

3290fc74c4d89656f3a2940c3432da93_JaffaCakes118
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

980cad35de235ab7186f63cdb8172e61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Replace
InitCommonControlsEx
ImageList_Create
ImageList_DrawEx
ImageList_DragMove
ImageList_SetImageCount

user32

RegisterClassExA
RegisterClassA
IsDialogMessageW
SetWindowContextHelpId
MapVirtualKeyW
SetDebugErrorLevel
IsCharLowerW
GetWindowRgn
IsCharUpperW
SetMenuItemInfoA
VkKeyScanExW
GetShellWindow
GetOpenClipboardWindow
SendIMEMessageExW
IsCharLowerA
SendMessageTimeoutA
DdeQueryStringA
RegisterWindowMessageA
SetSysColors
CharToOemA
CreateDialogIndirectParamW
GetDialogBaseUnits
ChangeMenuA
CountClipboardFormats
AdjustWindowRect
ReleaseCapture
RemoveMenu
DialogBoxIndirectParamA
GetMessageTime

kernel32

CreateMutexA
GetCommandLineA
SetFilePointer
GetDiskFreeSpaceExA
VirtualAlloc
GetPrivateProfileSectionW
SetHandleCount
CreateSemaphoreW
SetFileTime
DeleteCriticalSection
GetStartupInfoW
TlsAlloc
GetACP
WaitNamedPipeW
WaitForSingleObjectEx
FreeEnvironmentStringsW
VirtualQuery
GetLocaleInfoW
OpenWaitableTimerW
CreateDirectoryW
OpenFileMappingW
SetLocaleInfoW
GetStartupInfoA
GetStringTypeA
EnumSystemLocalesW
CreateToolhelp32Snapshot
LeaveCriticalSection
SystemTimeToTzSpecificLocalTime
VirtualProtect
GlobalAlloc
WriteFile
GetStringTypeW
GetOEMCP
ContinueDebugEvent
HeapReAlloc
GetEnvironmentVariableA
HeapCreate
LockResource
LocalFlags
TerminateProcess
SetCriticalSectionSpinCount
WaitCommEvent
HeapValidate
RtlUnwind
TlsGetValue
CloseHandle
WriteConsoleOutputA
GetFileType
GetCPInfo
CompareStringA
GetSystemTime
OutputDebugStringA
OpenMutexA
FindClose
SetStdHandle
HeapDestroy
GlobalGetAtomNameW
ReadFile
FindNextFileW
WideCharToMultiByte
GetModuleFileNameA
SetConsoleTextAttribute
FlushFileBuffers
HeapAlloc
GetCurrentDirectoryW
SetConsoleCursorInfo
GetTimeFormatA
MoveFileA
WritePrivateProfileSectionW
GetComputerNameA
GetLongPathNameA
InterlockedExchange
EnumCalendarInfoA
IsValidCodePage
SetConsoleOutputCP
OpenSemaphoreA
SetEnvironmentVariableA
CreateFileW
GetModuleHandleA
CopyFileExA
GetTimeZoneInformation
lstrcpy
ExitProcess
IsValidLocale
VirtualFree
AllocConsole
LocalAlloc
CreateWaitableTimerW
UnhandledExceptionFilter
GetConsoleCursorInfo
FindNextChangeNotification
FindFirstFileW
LocalFree
TransactNamedPipe
MultiByteToWideChar
IsBadWritePtr
GlobalCompact
InterlockedDecrement
FindAtomA
EnterCriticalSection
GetLocaleInfoA
RemoveDirectoryW
GetProcAddress
CompareFileTime
SetPriorityClass
GetSystemTimeAsFileTime
GetTickCount
GetCurrentThread
GetEnvironmentStrings
SetLastError
InterlockedIncrement
LCMapStringA
GetDateFormatA
GetDiskFreeSpaceExW
GetStdHandle
HeapFree
TlsSetValue
WritePrivateProfileStructA
GetUserDefaultLCID
GetVersionExA
GetSystemInfo
PulseEvent
LocalUnlock
GetCurrentThreadId
CompareStringW
EnumSystemLocalesA
DebugBreak
FreeEnvironmentStringsA
LCMapStringW
SetConsoleCtrlHandler
WriteFileEx
InitializeCriticalSection
TlsFree
LoadResource
GetLastError
GetCurrentProcessId
GetCurrentProcess
LoadLibraryA
QueryPerformanceCounter
GlobalDeleteAtom
GetEnvironmentStringsW
IsBadReadPtr

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

980cad35de235ab7186f63cdb8172e61

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 208KB - Virtual size: 205KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 128KB

.rsrc Size: 88KB - Virtual size: 84KB

.text
Size: 208KB - Virtual size: 205KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 128KB

.rsrc
Size: 88KB - Virtual size: 84KB