3367939d2870e1e4c8be14a3c1f27f97_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3367939d2870e1e4c8be14a3c1f27f97_JaffaCakes118
Size

252KB
MD5

3367939d2870e1e4c8be14a3c1f27f97
SHA1

1c9db615a9e0b5e5a73ed4d5401c0d91a30e8e96
SHA256

bd82765dc289ecaf612bf3e917df717a3be5fbebc947276ff902e3d1055d8031
SHA512

ece0b71c4bff87f046d652339254b6fbd3be5a1934b947a30c926e4c3c97a0fd01b28b860fa36a5586f8e727f2bac4a3e9c66674b9d317dcdf19791f9f85432c
SSDEEP

6144:U7FJfmdjsSaoT8xpL/V6akSoO24kYlTc+c7Yd3aV2:U7FJfmdjI/VKNOdkYa7Yb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3367939d2870e1e4c8be14a3c1f27f97_JaffaCakes118

Files

3367939d2870e1e4c8be14a3c1f27f97_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87f300441c06ed52596321da9bb30f63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
OutputDebugStringA
QueryDosDeviceA
SetFileTime
WritePrivateProfileStringA
CreateMutexA
VirtualAllocEx
CreateMutexW
AreFileApisANSI
EnumSystemCodePagesW
GetAtomNameA
FlushFileBuffers
GlobalDeleteAtom
EnumSystemCodePagesA
PulseEvent
WriteFile
IsBadStringPtrA
GetEnvironmentVariableW
SetCommMask
FreeLibraryAndExitThread
GetCurrentProcess
SetProcessShutdownParameters
lstrcmpiW
ReadDirectoryChangesW
SetCurrentDirectoryA
SystemTimeToFileTime
LocalFileTimeToFileTime
UnmapViewOfFile
ExitProcess
IsProcessorFeaturePresent
FindFirstFileW
GetTapeParameters
FindFirstFileExW
GetPrivateProfileSectionW
VirtualQuery
CancelIo
GlobalGetAtomNameW
TryEnterCriticalSection
GetCompressedFileSizeW
GetCommandLineW
GetStringTypeExW
FlushConsoleInputBuffer
GetConsoleMode
SetThreadPriorityBoost
GetTapeStatus
QueryDosDeviceW
GetDateFormatA
GetSystemTime
lstrcpyA
WriteProcessMemory
FileTimeToLocalFileTime
ReadConsoleOutputA
GlobalAddAtomA
GetPrivateProfileStringA
SetProcessWorkingSetSize
SetConsoleWindowInfo
_lclose
EnumDateFormatsW
SetThreadLocale
CreateIoCompletionPort
SetTimeZoneInformation
GetProfileStringA
CreatePipe
GetLongPathNameA
SetFileAttributesA
WritePrivateProfileSectionW
GetLargestConsoleWindowSize
SetEnvironmentVariableW
GetBinaryTypeA
WritePrivateProfileStringW
FormatMessageW
CreateDirectoryExA
GetFileAttributesExA
GlobalReAlloc
OpenMutexA
FindFirstFileA
SetupComm
GetDriveTypeA
VirtualProtect
_hread
CreateFileW
GetUserDefaultLCID
FindCloseChangeNotification
lstrcmpiA
GlobalFlags
GetCommandLineA
GetVersionExA
lstrlenA
GetTimeZoneInformation
VirtualAlloc

user32

DispatchMessageA
RegisterHotKey
CreatePopupMenu
CreateWindowStationW
OpenDesktopA
ShowCaret
LoadImageW
TrackPopupMenuEx
DeleteMenu
DestroyIcon
LoadCursorA
CharNextW
SystemParametersInfoW
RegisterDeviceNotificationW
SetMenu
GetClientRect
AdjustWindowRect
IsDlgButtonChecked
EndDialog
LoadBitmapW
DialogBoxParamW
TrackPopupMenu
CreateMDIWindowW
GetUserObjectInformationA
LoadImageA
SetWindowRgn
MapVirtualKeyW
SetCapture
GetMonitorInfoA
SetUserObjectSecurity
RegisterClassExW
SendInput
CharLowerBuffW
GetClipboardSequenceNumber
MessageBoxA
MapDialogRect
IsCharAlphaA
CreateCursor
GetAncestor
ToUnicodeEx
GetProcessWindowStation
IsCharAlphaW
GetWindowRgn
DialogBoxParamA
ChangeDisplaySettingsExA
EndDeferWindowPos
GetTitleBarInfo
EnumDesktopsA
InsertMenuItemA

gdi32

GetViewportOrgEx

comdlg32

ChooseFontW
PrintDlgA

advapi32

AllocateAndInitializeSid
AccessCheck
GetFileSecurityA
RegCreateKeyW
FreeSid

ole32

CoInitializeEx
OleConvertIStorageToOLESTREAM
CreateStreamOnHGlobal
OleSetContainedObject
RevokeDragDrop
OleSetMenuDescriptor
OleRegGetUserType
GetClassFile
OleSave

oleaut32

SysAllocStringLen
VariantCopy
LoadTypeLi
SafeArrayGetLBound

comctl32

ImageList_DragShowNolock
ImageList_ReplaceIcon

shlwapi

PathUnquoteSpacesA
StrFormatKBSizeW
StrDupA
PathIsRelativeW
SHOpenRegStream2W
StrCmpNIW
SHGetValueW
StrCmpIW
StrRStrIW
PathRemoveBackslashW
PathQuoteSpacesA
StrToIntW
PathFindExtensionW
SHRegSetUSValueW

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87f300441c06ed52596321da9bb30f63

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 232KB - Virtual size: 229KB