3a72028ece9a3665ad836920b0805af6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a72028ece9a3665ad836920b0805af6_JaffaCakes118
Size

324KB
MD5

3a72028ece9a3665ad836920b0805af6
SHA1

16594c9080379648d94e9e36066f7ac28d49f756
SHA256

61570b30429f08b39a30bb5f6e1cc9fdd0dc465ab9c43f7ae5a243ba86e981e4
SHA512

14fa9a35171f9c6e5513e85eb22c574e7a5d94111d75fbf5b19f304755eafeca57b190792988009a2c5146c83e53372bddf122a95560eeed509d724dc7660118
SSDEEP

6144:h6dhr+RIGZEZJGKxzSdsHQ1tyVMAxt0jeE96rPPqBJRp666ayOef:Qdhr+RlZKf2KQ1ETEGqLp6rf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a72028ece9a3665ad836920b0805af6_JaffaCakes118

Files

3a72028ece9a3665ad836920b0805af6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b0530f8e096b1760989434c6f37c4a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
LoadLibraryExA
CompareStringA
lstrcmpiW
SetEnvironmentVariableA
CreateNamedPipeW
FatalAppExitA
ExitThread
WritePrivateProfileStringW
FindFirstFileExW
GetConsoleMode
SetCurrentDirectoryA
FindFirstFileA
PeekNamedPipe
SetMailslotInfo
EndUpdateResourceA
FindFirstFileW
FormatMessageW
GetOEMCP
SwitchToFiber
ReadFile
SetVolumeLabelA
_lclose
DosDateTimeToFileTime
GetPrivateProfileSectionW
GetProfileIntA
LoadLibraryExW
OutputDebugStringA
GetSystemDefaultLangID
GetTempFileNameA
GetAtomNameA
OpenFile
GetCurrentProcessId
SetConsoleOutputCP
GetPrivateProfileStringA
LocalAlloc
GetVolumeInformationW
GetFullPathNameA
lstrcmpiA
RemoveDirectoryW
GlobalAddAtomW
GetCompressedFileSizeW
GetEnvironmentStringsW
IsBadReadPtr
CreateMutexW
CreatePipe
GetCurrentProcess
PeekConsoleInputW
GetSystemDirectoryW
VirtualAlloc
GetEnvironmentVariableW
GlobalDeleteAtom
CompareStringW
LocalFileTimeToFileTime
GetSystemTimeAdjustment
SetupComm
GetFileType
ReadConsoleInputW
VirtualUnlock
GetDateFormatA
CreateIoCompletionPort
GetTickCount
WriteProcessMemory
GetVersionExA
GetCommandLineA
IsDBCSLeadByteEx
VirtualQuery
ReadFileScatter
GetBinaryTypeW
ReadConsoleA
AllocConsole
OpenSemaphoreW
DuplicateHandle
SetLastError
GlobalFree
TryEnterCriticalSection
GetLocaleInfoW
EnumDateFormatsW
SetConsoleTitleA
CloseHandle
QueryDosDeviceW
FreeLibrary
GetFileAttributesA
GetBinaryTypeA
VirtualProtect
LoadResource
ExitProcess

user32

EndDeferWindowPos
IsClipboardFormatAvailable
TabbedTextOutW
GetDialogBaseUnits
GetTitleBarInfo
TileWindows
UpdateWindow
GetSystemMenu
GetClassInfoExW
CheckMenuRadioItem
CharPrevW
BroadcastSystemMessageW
mouse_event
CheckRadioButton
LoadKeyboardLayoutA
GetMenuItemRect
GetMenuItemInfoW
GetDlgItemTextA
ChildWindowFromPointEx
GetCapture
GetScrollInfo
keybd_event
TranslateAcceleratorW
GetClassInfoA
ShowWindowAsync
CreateDialogParamW
MessageBoxIndirectW
GetMonitorInfoA
GetAsyncKeyState
LookupIconIdFromDirectory
GetMessageW
RegisterClipboardFormatW
OpenClipboard
IsCharAlphaNumericA
SetPropA
RegisterDeviceNotificationA
GetWindowTextLengthW
DeleteMenu
EnumWindows
GetKeyboardType
RemoveMenu
CreateWindowExW
WaitMessage
GetUpdateRect
OpenWindowStationW
SetWindowLongA
DefDlgProcA
CopyImage
GetDlgCtrlID

gdi32

InvertRgn
DeleteDC
LineDDA
FrameRgn
SetWindowExtEx
CreateICW

comdlg32

FindTextA
CommDlgExtendedError
GetSaveFileNameA

advapi32

RegDeleteKeyA
AccessCheckAndAuditAlarmW
RegNotifyChangeKeyValue
RegCreateKeyW
LockServiceDatabase
GetTokenInformation
IsTextUnicode
RegLoadKeyA
RegDeleteValueW
RegDeleteKeyW

ole32

ProgIDFromCLSID
OleQueryLinkFromData
CreateBindCtx
CoReleaseMarshalData
OleGetIconOfClass
CoRegisterClassObject

oleaut32

SafeArrayCreate
SetErrorInfo
SafeArrayUnaccessData
SysStringLen
QueryPathOfRegTypeLi
VariantCopy
SafeArrayRedim

comctl32

ImageList_Replace
ImageList_DrawEx
ImageList_Create

shlwapi

PathIsUNCA
UrlApplySchemeW
SHGetValueA
PathParseIconLocationW
SHRegQueryUSValueW
PathStripToRootA
PathRemoveBlanksW
PathFindFileNameA
SHRegCloseUSKey
PathStripPathW
SHRegGetBoolUSValueA
PathFileExistsW
PathUnquoteSpacesA
StrChrW

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8b0530f8e096b1760989434c6f37c4a3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 304KB - Virtual size: 300KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 6KB

.text
Size: 304KB - Virtual size: 300KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 6KB