374fecea226a364c907a47412e4e6940_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

374fecea226a364c907a47412e4e6940_JaffaCakes118
Size

6.5MB
MD5

374fecea226a364c907a47412e4e6940
SHA1

267106b27095e7a4b83b8426e2cc61aba08f92b4
SHA256

0713990b4337c4e9b4f0db103bfd390e5dc9af1f1ec3255676f51d4289d0e3a2
SHA512

ba1b9715de16adb7567a0470ee64a35d951c21e6f49efd6b1026ad7b1acf3bb7383d28a3f477f4722ada62a3bf97592b073d561787663a8487e22525d6a82d65
SSDEEP

98304:XUUaxHWLTbF3WLp7EjY6DUnVMUFLSKx9pnrTm9Dra8iQnrvdqfgkEGyloTAf9Lr:8xuN3gp7eIMGLSG1yNa8Tqgd9+S/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
374fecea226a364c907a47412e4e6940_JaffaCakes118

Files

374fecea226a364c907a47412e4e6940_JaffaCakes118
.exe windows:4 windows x86 arch:x86

842aa0b713e4861b83f7d1a270a717f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lread
GetCommandLineW
EnumSystemCodePagesA
FormatMessageW
CreateDirectoryW
_lclose
GetTimeZoneInformation
SetSystemTime
GetThreadContext
LCMapStringA
FindNextChangeNotification
GetVersion
GetStringTypeExW
CancelIo
GetProfileIntA
SetEvent
ExitProcess
FindResourceExA
CreateMutexA
CreateDirectoryExA
CreatePipe
LoadLibraryExA
EnumResourceNamesA
ConnectNamedPipe
GetPrivateProfileSectionW
FindCloseChangeNotification
GetTickCount
EraseTape
GetDiskFreeSpaceW
GetTapeParameters
lstrcpyA
SetStdHandle
GetConsoleCursorInfo
WaitNamedPipeA
RemoveDirectoryW
GetPrivateProfileStringA
GetTapeStatus

user32

DrawCaption
EnumDisplaySettingsA
CheckDlgButton
IsWindowVisible
CreateAcceleratorTableW
LoadMenuIndirectA
IsWindowEnabled
GetScrollRange

gdi32

Arc
PlayEnhMetaFileRecord
GetMapMode
ExtEscape
EnumObjects
CreateHatchBrush
OffsetRgn
GetObjectW
EnumFontFamiliesExW
SetROP2
SetDIBColorTable
PlayMetaFileRecord
SetRectRgn
SetTextCharacterExtra

comdlg32

GetFileTitleW
ReplaceTextA

advapi32

GetSidSubAuthority
RevertToSelf
EnumDependentServicesW
SetSecurityDescriptorOwner
AccessCheckAndAuditAlarmW
RegQueryValueW
AccessCheck
OpenServiceW
AdjustTokenPrivileges
GetLengthSid

shell32

DragAcceptFiles
DragQueryPoint

ole32

ReadClassStg
CoSwitchCallContext
OleIsRunning
OleQueryLinkFromData
OleRegGetMiscStatus
CreateStreamOnHGlobal
StgOpenStorage

oleaut32

QueryPathOfRegTypeLi
SafeArrayGetLBound
VariantChangeType

comctl32

ord17
PropertySheetW

shlwapi

StrRetToBufW
PathRemoveBackslashA
UrlApplySchemeW
StrChrIA
PathIsDirectoryEmptyW
SHCreateStreamOnFileW
SHAutoComplete
StrStrA
AssocQueryKeyW
PathCommonPrefixW

msvcrt

_wcsdup
_wsystem
vswprintf
_mbslen
_umask
wcstok
_itow
exit
_mbsncmp
floor
ferror
_strnicoll
_fullpath
_mbctoupper
_mbscat
fseek
_getpid
fputc
_spawnvp
_write
strtod
_mbsicmp
mbtowc

Sections

.text
Size: 48KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

842aa0b713e4861b83f7d1a270a717f6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 48KB - Virtual size: 6.4MB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 6.4MB - Virtual size: 6.4MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 48KB - Virtual size: 6.4MB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 6.4MB - Virtual size: 6.4MB

.rsrc
Size: 68KB - Virtual size: 66KB