3d128fadf88ea9e24fa489f2dde1feaa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3d128fadf88ea9e24fa489f2dde1feaa_JaffaCakes118
Size

324KB
MD5

3d128fadf88ea9e24fa489f2dde1feaa
SHA1

7620de6c3edd09f02c511049326f82a4fcb8e159
SHA256

161e132679ccd0677d3b590cae178027b61fb8d82a6e35e8e256fd7cc0f48064
SHA512

eeffdcd95429cdc35384530252ddee7e722c0d19b3f8355ea3b93239be4ac20f7c9db8719ce3472552f840253b43e57b221c1e95704cb5b49b3500cd9f7128bb
SSDEEP

6144:OzUGhftJ9QiI1Z3CWUC4QjHuKy6VBasO089nt8n2h+DX:4PhlJ9QN1Z3/U6Op6VyVttkG+D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d128fadf88ea9e24fa489f2dde1feaa_JaffaCakes118

Files

3d128fadf88ea9e24fa489f2dde1feaa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21440acb23262c49ba1acdc0e4ce88bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_llseek
IsDBCSLeadByteEx
RemoveDirectoryA
WritePrivateProfileSectionA
_lread
VirtualLock
CreateMutexA
GetStartupInfoA
VirtualAllocEx
GetDriveTypeW
FindFirstFileA
CancelIo
MultiByteToWideChar
MoveFileW
EnumResourceNamesW
GetCurrentProcessId
ExitProcess
Beep
LocalLock
SetNamedPipeHandleState
lstrcpynA
GetModuleFileNameW
GetEnvironmentStringsW
ClearCommBreak
GetProcessHeap
QueryDosDeviceA
ReadConsoleOutputA
PulseEvent
AreFileApisANSI
GetVersionExA
SetSystemTime
GlobalFindAtomA
EnumResourceLanguagesW
SetConsoleWindowInfo
CopyFileExW
GetFileInformationByHandle
SetConsoleCursorPosition
GetShortPathNameW
EnumTimeFormatsW
lstrcmpA
EnumCalendarInfoA
CloseHandle
SetEnvironmentVariableW
GlobalFree
GetOEMCP
IsProcessorFeaturePresent
SetEndOfFile
CreateNamedPipeW
CreatePipe
InitializeCriticalSection
GetDateFormatA
WritePrivateProfileStructA
PrepareTape
lstrcmpiW
GlobalUnlock
GetDiskFreeSpaceExA
GetSystemDefaultLangID
FormatMessageA
FindResourceExW
ReleaseMutex
GetShortPathNameA
IsBadWritePtr
EnumSystemCodePagesW
GetLocaleInfoW
GetTempPathW
SizeofResource
ScrollConsoleScreenBufferA
GetModuleHandleA
GetCommState
GetPrivateProfileSectionW
LeaveCriticalSection
TryEnterCriticalSection
IsBadStringPtrA
GetPrivateProfileStringA
GetCommandLineA
QueryDosDeviceW
VirtualProtect

user32

DestroyCaret
GetMessagePos
GetScrollPos
GetSystemMetrics
LoadStringW
CheckMenuItem
EndDeferWindowPos
ChangeDisplaySettingsW
InsertMenuA
SetParent
InsertMenuItemA
GetKeyNameTextW
DispatchMessageW
SendDlgItemMessageW
DrawTextW
DialogBoxParamA
GetMessageW
DispatchMessageA
ChangeMenuW
ChildWindowFromPoint
DestroyCursor
GetScrollBarInfo
MoveWindow
VkKeyScanA
CloseWindowStation
GetForegroundWindow
GetWindowWord
RegisterDeviceNotificationW
SetClassLongA
LoadImageW
GetDlgItemTextA
SetClipboardData
GetNextDlgGroupItem
SetDlgItemTextA
SetCursorPos
ClipCursor
GetKeyboardLayoutNameW
ModifyMenuA
SetProcessWindowStation
CreateMDIWindowW
GetWindowLongW
DefMDIChildProcW
OpenDesktopA
SetWindowTextW
SetCapture
ShowScrollBar
ShowOwnedPopups
GetMenuItemCount
IsWindowUnicode
CreatePopupMenu
MapVirtualKeyA
GetLastActivePopup
UnregisterHotKey
SubtractRect

gdi32

GetViewportOrgEx
GetStretchBltMode
CreatePalette
CloseMetaFile
CreateCompatibleBitmap
OffsetRgn
SelectClipPath
SetLayout
SetMapMode
SetViewportOrgEx
EnumFontsW
GetBrushOrgEx
RectInRegion
TextOutW

comdlg32

PrintDlgW
ChooseColorA

advapi32

AllocateAndInitializeSid
ObjectCloseAuditAlarmW
CryptGetUserKey
SetThreadToken
RegQueryValueExW
CryptGetKeyParam
IsValidSecurityDescriptor
ImpersonateSelf
RegEnumKeyW
GetServiceDisplayNameW
RegQueryValueExA
SetFileSecurityW
BuildTrusteeWithNameW
SetServiceStatus
RegOpenKeyExA
ReportEventW
GetAce
GetFileSecurityA
GetSecurityDescriptorSacl
RegUnLoadKeyW
RegOpenKeyW
SetSecurityInfo
LockServiceDatabase
LookupAccountSidW
CreateServiceA
OpenProcessToken
RegRestoreKeyA

shell32

Shell_NotifyIconA
Shell_NotifyIconW
SHFileOperationA

ole32

CoLockObjectExternal
OleCreateMenuDescriptor

oleaut32

VariantChangeType
SysFreeString

comctl32

ImageList_DragLeave
ImageList_EndDrag

shlwapi

StrCmpNIA
PathUnquoteSpacesW
SHQueryValueExW
UrlGetPartW
PathUnquoteSpacesA
StrCmpNA
PathIsUNCW
PathRemoveFileSpecW
StrCmpW
StrPBrkW

setupapi

SetupDiGetClassDevsExW
SetupDiClassGuidsFromNameW

Sections

.text
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

21440acb23262c49ba1acdc0e4ce88bc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 292KB - Virtual size: 290KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 292KB - Virtual size: 290KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 16KB