33ce4d4dd2c0b952e1f66fc517c26acd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33ce4d4dd2c0b952e1f66fc517c26acd_JaffaCakes118
Size

73KB
MD5

33ce4d4dd2c0b952e1f66fc517c26acd
SHA1

ae7fd430e77f057808e13efc84375e62562119a9
SHA256

bacc139d0ef72fd8811f064b61b97060e9e8fcae41fec907b0de19cf4ffd6239
SHA512

920222ca24e60ec23f18703a60cadaa14f8efa36b655f3acb5c89979559370ef645385d308439e58d5b2c207fd1e0834fa488194172dada05313da682f04b281
SSDEEP

768:UrBd/6ZKkYeuRT7pWipR2dii0Wieqa7J9SCV38Bf0udz0aztHQPuMTqr9qFmur/:uHXkYzdb8UiL9DSCh8gKKi9qXr/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33ce4d4dd2c0b952e1f66fc517c26acd_JaffaCakes118

Files

33ce4d4dd2c0b952e1f66fc517c26acd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0fe67506277a917dcf6b8990fb2c59f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
CompareFileTime
Process32First
WriteConsoleInputW
ReadConsoleOutputCharacterW
CreateFileMappingW
HeapAlloc
IsValidLocale
GetTempPathA
InterlockedExchange
GetProcAddress
HeapDestroy
VerLanguageNameA
CreateHardLinkA
GetEnvironmentVariableA
GetUserDefaultLangID
GetProfileStringW
FatalAppExitW
SetEnvironmentVariableA
BackupWrite
SetMailslotInfo
Thread32First
GetNumberFormatA
GetDiskFreeSpaceExA
GetThreadContext
GetCompressedFileSizeA
GetVersionExA
GetVolumePathNameW
EnumResourceNamesW
GetConsoleAliasExesLengthA
LockFile
GetVersion
GetPrivateProfileSectionNamesA
GetSystemTimeAdjustment
GetProfileSectionW
OpenFile
CreateSemaphoreA
DeleteTimerQueueEx
OpenFileMappingA
GlobalAddAtomW
WaitCommEvent
MapUserPhysicalPagesScatter
Heap32ListFirst
WriteProcessMemory
FreeUserPhysicalPages
GetConsoleDisplayMode
LocalCompact
CreateNamedPipeW
SetConsoleOutputCP
GlobalUnfix
GetSystemDirectoryA
LoadResource
lstrcmp
ChangeTimerQueueTimer
MapViewOfFile
GetEnvironmentStrings
SetProcessAffinityMask
CancelIo
GetModuleFileNameA
GetUserDefaultUILanguage
BuildCommDCBW
GetPrivateProfileStringA
GetConsoleAliasW
GetStartupInfoA
BackupRead
EnumSystemCodePagesA
lstrlenW
GetProcessAffinityMask
GlobalLock
GetTapePosition
GetVolumePathNameA
FreeEnvironmentStringsW
GetProfileSectionA
GetLogicalDriveStringsW
QueryPerformanceCounter
DeleteVolumeMountPointA
SetCriticalSectionSpinCount
GetShortPathNameW
EnumTimeFormatsW
CancelDeviceWakeupRequest
DeleteVolumeMountPointW
DeleteCriticalSection
GetFullPathNameW
CreatePipe
VirtualAlloc
DuplicateHandle
RemoveDirectoryW
GetConsoleFontSize
WritePrivateProfileStringA
SetVolumeLabelW
PeekNamedPipe
GetUserDefaultLCID
SystemTimeToFileTime
SetFilePointer
Heap32Next
AreFileApisANSI
ClearCommBreak
SearchPathA
EnumCalendarInfoA
HeapSize
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
LoadLibraryA

user32

MapWindowPoints
GetKeyState
LoadAcceleratorsA
EnumDisplaySettingsW
ToAsciiEx
SetUserObjectInformationW
InvertRect
EnumPropsExA
LoadMenuA
GetMenuItemCount
CharNextExA
GetClassWord
ShowCursor
GetPriorityClipboardFormat
GetUpdateRect
DeregisterShellHookWindow
PostQuitMessage
PtInRect
EnumClipboardFormats
MonitorFromPoint
GetMonitorInfoW
DdeQueryConvInfo
GetMessageTime
CreateDesktopA
SetThreadDesktop
GetClassInfoW
GetKeyboardState
ReleaseCapture
DispatchMessageA
TranslateAccelerator
GetClipboardOwner
ReplyMessage
GetClassInfoExW
CreateDialogIndirectParamW
DrawIconEx
CharToOemBuffA
SetWindowsHookExA
EnumWindows
SetLayeredWindowAttributes
WaitMessage
SetDlgItemInt
SetFocus
IsCharAlphaW
GetKBCodePage
SendNotifyMessageW
BeginPaint
ModifyMenuW
IsClipboardFormatAvailable
SetWindowLongW
DdeEnableCallback
SendDlgItemMessageW
GetMonitorInfoA
InSendMessageEx
EnableWindow
GetScrollInfo
SetShellWindow
EnableScrollBar
DefDlgProcW
CreateMDIWindowW
EndTask
IsIconic
IsCharAlphaA
IsWindowUnicode
CharUpperBuffW
DialogBoxParamA
CharLowerA
KillTimer
OemToCharBuffW
SetClipboardData
PeekMessageW
SetMessageExtraInfo
MsgWaitForMultipleObjects
LoadIconA
GetQueueStatus
CharToOemA
UnloadKeyboardLayout
SendMessageTimeoutW
GetKeyboardLayout
MessageBoxA
SetSysColors
RegisterClipboardFormatW
GetClassLongW
EqualRect
SetParent
DeferWindowPos
EnumDisplaySettingsA
wsprintfW
CharToOemW
RegisterClassA
IsDlgButtonChecked

advapi32

RegOpenKeyExA

shlwapi

StrRChrIA
SHRegOpenUSKeyW
UrlApplySchemeA
PathCommonPrefixA
SHRegOpenUSKeyA
StrCmpNA
SHDeleteEmptyKeyA
PathFileExistsA
StrFormatByteSize64A
StrRetToBufW
StrStrW
UrlIsOpaqueW
StrRetToBufA
AssocQueryStringW
StrCmpNW
PathRemoveExtensionW
StrCSpnIW
StrNCatW
SHRegWriteUSValueA
StrFormatKBSizeA
PathGetArgsW
StrCatW
SHGetInverseCMAP
SHRegDeleteEmptyUSKeyW
SHCopyKeyA
StrChrW
PathQuoteSpacesA
PathIsUNCServerW
SHRegDeleteEmptyUSKeyA
PathCombineW
StrFromTimeIntervalA
UrlIsA
StrFormatByteSizeW
StrChrIA
AssocQueryKeyA
PathRemoveBlanksW
PathUnquoteSpacesA
StrIsIntlEqualA
PathIsNetworkPathW
PathFindOnPathW
PathAppendW
PathRemoveExtensionA
SHDeleteEmptyKeyW
PathRemoveArgsA
PathCompactPathExA
PathParseIconLocationA
UrlIsW
PathGetDriveNumberW
PathSkipRootW
SHIsLowMemoryMachine
PathIsUNCServerA
UrlIsNoHistoryW
StrCmpNIW
PathUnmakeSystemFolderA
PathFindExtensionA
PathMakePrettyA
SHEnumKeyExA
SHRegGetBoolUSValueW
AssocQueryStringByKeyW
SHRegEnumUSValueW
StrDupW
UrlCreateFromPathW
AssocQueryStringByKeyA
ChrCmpIA
SHRegQueryUSValueW
StrSpnA
SHEnumValueA
StrPBrkW
PathIsFileSpecA
PathFileExistsW
PathIsRootW
StrTrimA
SHStrDupW
StrCatBuffA
PathRenameExtensionW
SHRegGetBoolUSValueA
PathIsRelativeW
StrChrIW
SHSetThreadRef
SHAutoComplete
SHRegCreateUSKeyA
PathMakeSystemFolderA
UrlCanonicalizeA
wvnsprintfA
SHRegEnumUSValueA
PathFindNextComponentW
PathSearchAndQualifyA
SHRegQueryInfoUSKeyA
SHRegEnumUSKeyA
SHCopyKeyW
PathRemoveBackslashA
StrStrIW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d1
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0fe67506277a917dcf6b8990fb2c59f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 4KB - Virtual size: 3KB

.d3 Size: 1024B - Virtual size: 1000B

.d2 Size: 1024B - Virtual size: 1000B

.d1 Size: 41KB - Virtual size: 40KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 3KB

.d3
Size: 1024B - Virtual size: 1000B

.d2
Size: 1024B - Virtual size: 1000B

.d1
Size: 41KB - Virtual size: 40KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 1KB - Virtual size: 1KB