35511e1a1f929eecd4f0c73a4a278564_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35511e1a1f929eecd4f0c73a4a278564_JaffaCakes118
Size

328KB
MD5

35511e1a1f929eecd4f0c73a4a278564
SHA1

843cb5dd620282acd402fde690113f75a5ef3815
SHA256

52ab0906d34e1cc1a4c27e83722bcf6e202f267a4891cc194e7c73fdac6c0fa3
SHA512

f8bb9e436f76839efc4bb91a2e233b455b7b77acd9057be1a9b6dd3535460b843aa7637df4dbb8e68118b0af674913ac9276a3a1292645745cf5c45eed83c53a
SSDEEP

6144:CgRJee2dmfjbAhOTfDYcsEE0TrtMUpd0cPtBgGy:CgRJ+zoTLZFPTZPQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35511e1a1f929eecd4f0c73a4a278564_JaffaCakes118

Files

35511e1a1f929eecd4f0c73a4a278564_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3d35d6a196aa6d682bfb21985e96eb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
WritePrivateProfileSectionA
WriteConsoleOutputW
GetDiskFreeSpaceW
EnumDateFormatsW
LoadLibraryExA
EnumResourceLanguagesW
SetHandleCount
GetFileType
_llseek
SetProcessAffinityMask
GetTapeStatus
GetUserDefaultLangID
_lread
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalAddAtomW
lstrcmpiA
GetModuleHandleA
GlobalFree
WritePrivateProfileStructA
ReleaseMutex
ReleaseSemaphore
GetSystemDirectoryW
FormatMessageW
IsDBCSLeadByteEx
SetEnvironmentVariableA
GetProcessTimes
GetCurrentProcessId
lstrcpyA
GetModuleFileNameW
GetACP
PrepareTape
SetErrorMode
LocalLock
EnumTimeFormatsW
GetCommConfig
EnumSystemCodePagesA
FillConsoleOutputCharacterA
SetStdHandle
GetTempPathW
GetConsoleMode
QueryDosDeviceW
WaitNamedPipeA
CreateEventA
AllocConsole
SetConsoleOutputCP
RemoveDirectoryA
MultiByteToWideChar
GetWindowsDirectoryA
CreateDirectoryExA
SetConsoleActiveScreenBuffer
VirtualFree
SetFileAttributesA
WritePrivateProfileStringW
GetSystemTimeAsFileTime
GlobalDeleteAtom
GetShortPathNameA
GlobalAddAtomA
CreateIoCompletionPort
EnumCalendarInfoA
RaiseException
LocalAlloc
VirtualQuery
EnumResourceNamesA
SetLastError
GetTapeParameters
TryEnterCriticalSection
FormatMessageA
GetBinaryTypeA
ExitThread
ExpandEnvironmentStringsW
UnhandledExceptionFilter
GetCommModemStatus
GetSystemTime
EnumSystemCodePagesW
GetBinaryTypeW
GetHandleInformation
GetCompressedFileSizeW
SystemTimeToFileTime
GetConsoleCursorInfo
EnumResourceNamesW
PurgeComm
CreateDirectoryA
GetOverlappedResult
GetCommandLineA
VirtualAlloc
GetThreadContext
ExitProcess

user32

GetKeyboardLayoutNameA
ArrangeIconicWindows
LoadImageA
InsertMenuItemA
OpenIcon
FillRect
OemToCharBuffA
DispatchMessageA
GetDlgItem
RemoveMenu
ChildWindowFromPoint
GetCapture
GetPropW
RemovePropA
DrawStateA
DragDetect
GetPropA
SetProcessDefaultLayout
GetScrollBarInfo
CheckMenuRadioItem
ShowScrollBar
DrawMenuBar
IsCharAlphaNumericA
DefWindowProcW
CharToOemA
FindWindowA
GetClipboardSequenceNumber
DrawTextExW
CharPrevW
EmptyClipboard
wvsprintfW
IsMenu
LoadKeyboardLayoutW
ChangeMenuW
AppendMenuW
SetScrollRange
CharNextExA

gdi32

CloseMetaFile
CreateMetaFileA
GetGlyphOutlineW
GetObjectType
ChoosePixelFormat
PolyBezierTo
Rectangle
ExtCreatePen
CloseFigure
GetCurrentPositionEx
PtVisible

comdlg32

FindTextA
ChooseColorA
ChooseFontA

advapi32

GetServiceDisplayNameA
RevertToSelf
RegCloseKey
MapGenericMask
AccessCheckAndAuditAlarmW
LookupAccountNameW
IsValidSid
SetSecurityDescriptorSacl
DeregisterEventSource
OpenThreadToken
RegUnLoadKeyA
RegConnectRegistryA
CryptGetUserKey
StartServiceCtrlDispatcherA
CreateServiceW
IsValidAcl
CloseServiceHandle
CryptSignHashW
InitializeSid
CryptSetProvParam
GetSidLengthRequired
FreeSid
OpenSCManagerW

shell32

ShellExecuteA

ole32

RevokeDragDrop
ReadFmtUserTypeStg

oleaut32

SysStringLen
SetErrorInfo
VariantChangeType
SafeArrayCreate
SafeArrayGetElement
SysFreeString
SafeArrayRedim
SafeArrayUnaccessData

comctl32

ImageList_LoadImageW

shlwapi

AssocQueryKeyW
StrTrimA
PathUnquoteSpacesW
PathIsRootA
SHSetValueA
UrlIsW
SHDeleteValueW
PathCombineW
UrlGetPartW
StrStrIW
SHRegCreateUSKeyW
wnsprintfA
StrFormatKBSizeW

Sections

ceweciq
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

kiauku
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

euyagq
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qmcaw
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3d35d6a196aa6d682bfb21985e96eb9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

ceweciq Size: 4KB - Virtual size: 2KB

kiauku Size: 8KB - Virtual size: 5KB

euyagq Size: 268KB - Virtual size: 264KB

qmcaw Size: 44KB - Virtual size: 41KB

ceweciq
Size: 4KB - Virtual size: 2KB

kiauku
Size: 8KB - Virtual size: 5KB

euyagq
Size: 268KB - Virtual size: 264KB

qmcaw
Size: 44KB - Virtual size: 41KB