364101b670a387ba820a6c68cbaeba83_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

364101b670a387ba820a6c68cbaeba83_JaffaCakes118
Size

254KB
MD5

364101b670a387ba820a6c68cbaeba83
SHA1

ee9310671e5b9da7642bd9fc8b7000234eae5dc3
SHA256

2991748ce8eb84b6e310ebd190e210f7223efa0fb14b5137077e431351f87dbe
SHA512

a566abf08b12ecf14995e505c7176800a7ea2f8d1a8bab1845c1ce8654d630a08c9ef51c3c90391d9509c95de97afbaeea20ac9aea2e98ff096d72aa31bec019
SSDEEP

6144:RilpURnKujXAbc0JpCw6nITHI60tC4XZX+x2Pd2eA8Ob:R2Ul9jXf0PCw6nITodHX+8Ub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
364101b670a387ba820a6c68cbaeba83_JaffaCakes118

Files

364101b670a387ba820a6c68cbaeba83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f295f26736065911e2bd42813043e76d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
GetModuleHandleW
GetCurrentThreadId
GetSystemTime
SystemTimeToFileTime
FreeLibrary
CreateEventW
WaitForSingleObject
FindResourceW
LoadResource
GlobalAlloc
SetUnhandledExceptionFilter
GetLogicalDriveStringsW
GetDateFormatW
FileTimeToSystemTime
GetTimeFormatW
CompareFileTime
WaitForMultipleObjects
MulDiv
CopyFileExW
GetSystemDirectoryW
GetNumberFormatW
GetLocalTime
lstrcpynW
lstrlenW
lstrcpynA
lstrlenA
GetFullPathNameA
GetCurrentDirectoryW
SetCurrentDirectoryW
lstrcpyW
ExpandEnvironmentStringsW
DuplicateHandle
OpenMutexW
LocalFree
LocalAlloc
lstrcmpA
GetModuleHandleA
GetACP
GetThreadLocale
GetProcessHeap
GetProcAddress

user32

GetMenuItemCount
AppendMenuW
CreatePopupMenu
DestroyCursor
GetMenuState
wsprintfW
GetWindowRgn
SetWindowRgn
PeekMessageW
GetSubMenu
CheckMenuItem
LoadImageW
SetWindowPos
ShowWindow
GetActiveWindow
OffsetRect
LoadIconW
GetDesktopWindow
InvalidateRect
LoadBitmapW
DestroyIcon
CopyRect
RegisterWindowMessageW
MessageBoxW
SetFocus
MessageBeep
IsWindow
GetClassInfoW
RegisterClassW
IsIconic
SetMenu
GetMenu
PostMessageW
RemoveMenu
FindWindowW
SetActiveWindow
SetTimer
GetSysColor
GetSystemMetrics
GetCursorPos
SetCursor
GetAsyncKeyState
LoadCursorW
SendMessageW
EnableWindow
SetForegroundWindow
GetFocus
SetCapture
GetForegroundWindow
EnableMenuItem
LoadMenuW
GetScrollPos
GetKeyState
GetMenuItemInfoW
GetMenuItemID

gdi32

CreateICW
CreateDIBSection
CreateSolidBrush
CreatePen
CreateRectRgn
DeleteObject
CreateFontIndirectW
CreateCompatibleDC
GetStockObject

advapi32

RegCreateKeyExW
RegOpenKeyA
RegQueryValueExA
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryInfoKeyW
RegEnumValueW
AdjustTokenPrivileges
SetSecurityDescriptorDacl
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegDeleteKeyA
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW

shell32

ShellExecuteExW
SHGetDesktopFolder
Shell_NotifyIconW
SHGetSpecialFolderLocation
ShellExecuteW

comctl32

ord17

ole32

CoCreateInstance

oleaut32

VariantInit
VariantChangeType
VariantCopy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString

usp10

UspFreeMem
ScriptPlace
LpkPresent
ScriptString_pLogAttr

kbdest

KbdLayerDescriptor

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Ipvp
Size: 1KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.N
Size: 3KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TzEWV
Size: 4KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Elkom
Size: 94KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oPjIf
Size: 4KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Y
Size: 512B - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZsgMg
Size: 119KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f295f26736065911e2bd42813043e76d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

oleaut32

usp10

kbdest

Sections

.text Size: 12KB - Virtual size: 11KB

.Ipvp Size: 1KB - Virtual size: 177KB

.N Size: 3KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 41KB

.TzEWV Size: 4KB - Virtual size: 913KB

.Elkom Size: 94KB - Virtual size: 131KB

.oPjIf Size: 4KB - Virtual size: 596KB

.Y Size: 512B - Virtual size: 25KB

.data Size: 7KB - Virtual size: 342KB

.ZsgMg Size: 119KB - Virtual size: 203KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.Ipvp
Size: 1KB - Virtual size: 177KB

.N
Size: 3KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 41KB

.TzEWV
Size: 4KB - Virtual size: 913KB

.Elkom
Size: 94KB - Virtual size: 131KB

.oPjIf
Size: 4KB - Virtual size: 596KB

.Y
Size: 512B - Virtual size: 25KB

.data
Size: 7KB - Virtual size: 342KB

.ZsgMg
Size: 119KB - Virtual size: 203KB

.rsrc
Size: 2KB - Virtual size: 1KB