3d5c2c5645dfa1e98a913f29ea388a32_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d5c2c5645dfa1e98a913f29ea388a32_JaffaCakes118
Size

304KB
MD5

3d5c2c5645dfa1e98a913f29ea388a32
SHA1

2e1dc3aab55b7d61b5467050cec153098f8013ac
SHA256

937fc1d520494be2db33ea28d2722958aca9588c1030cb9cc33c7e050c1ce4d6
SHA512

4afdd6fe3ffe1fbbc5764c6478807ba2e22bad9f240bcd748f987fbc82fa8abcf0b299fff6653264a75c544ee05e985a00471128d201042fb487bf8a5a52b4a7
SSDEEP

6144:ZG0gQkZmq1X8oKoWi4MA4abOly2I8r/MPk5Iy0CHBVLyRUYlYINV:ZsQab1MXK4MA9W3jMs5uqTLyVYI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d5c2c5645dfa1e98a913f29ea388a32_JaffaCakes118

Files

3d5c2c5645dfa1e98a913f29ea388a32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

188c6fd4a7f3038b9ff94bd99b92630d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeA
CompareStringA
PulseEvent
LocalFileTimeToFileTime
CreateWaitableTimerA
_llseek
LeaveCriticalSection
GetDateFormatA
FindFirstFileA
GlobalFindAtomA
IsProcessorFeaturePresent
GetCompressedFileSizeW
WritePrivateProfileStructA
DeleteCriticalSection
ReadFileScatter
EnumCalendarInfoW
RemoveDirectoryW
SetStdHandle
SetThreadLocale
IsDBCSLeadByteEx
LocalReAlloc
ScrollConsoleScreenBufferA
CancelIo
ExitProcess
ReadConsoleInputW
GetACP
EnumResourceNamesA
ReadFile
VirtualLock
GetTimeZoneInformation
DuplicateHandle
PurgeComm
GetVersion
SetConsoleCursorPosition
_hread
SetVolumeLabelA
Beep
PeekConsoleInputW
GetLongPathNameA
SetSystemTime
CreateMutexW
CreatePipe
SetEvent
VirtualQueryEx
lstrcpyA
SearchPathW
RemoveDirectoryA
ClearCommBreak
WritePrivateProfileStringA
VirtualProtect
GetVersionExA
FindCloseChangeNotification
SetTimeZoneInformation
GetCommConfig
GlobalFree
SetConsoleOutputCP
EnumDateFormatsW
WriteFile
EndUpdateResourceA
CreateIoCompletionPort
GetConsoleMode
OpenSemaphoreW
MultiByteToWideChar
_lclose
AreFileApisANSI
SizeofResource
GetLogicalDriveStringsA
FormatMessageA
_lread
GetSystemDirectoryW
GetNumberFormatW
SetCommTimeouts
SwitchToFiber
GetLocaleInfoW
WriteProcessMemory
GetModuleHandleA
UnhandledExceptionFilter
GetProfileIntA
GetDriveTypeW
IsValidLocale
IsBadReadPtr
GetVolumeInformationW
GetHandleInformation
GetCommandLineA
lstrcmpiW
lstrlenA

user32

MapVirtualKeyExW
DialogBoxParamW
HiliteMenuItem
ExitWindowsEx
EnumDesktopsW
SetWindowsHookW
CheckDlgButton
GrayStringA
GetMessageTime
InsertMenuA
GetWindowPlacement
IsWindowVisible
UnregisterHotKey
InsertMenuItemW
ClipCursor
DispatchMessageW
GetAncestor
SetScrollInfo
IsCharAlphaW
GetQueueStatus
EnumDisplayDevicesW
GetCursor
GetUserObjectInformationW
InvalidateRgn
ScreenToClient
GetSystemMenu
SetMenuItemBitmaps
GetWindowTextLengthA
CharToOemA
SetFocus
TileWindows
SetWindowsHookExW
CopyImage
SetParent
PtInRect
CharUpperBuffA
EnumChildWindows
SetForegroundWindow
CreateCaret
GetWindowTextA
LoadCursorFromFileW
ChildWindowFromPoint
LoadAcceleratorsW
UnionRect
IsCharLowerW
PeekMessageW
GetClipboardViewer
MessageBoxW
OemToCharBuffA
HideCaret
EndPaint
SetWindowPlacement
GetKeyboardLayoutNameA

gdi32

SelectClipRgn
ExtEscape
PlayEnhMetaFileRecord
EnumFontFamiliesExA
SetBkMode
SetTextCharacterExtra
Polygon
GetCharWidthA
StrokeAndFillPath
WidenPath
CopyMetaFileW
GetFontData
ChoosePixelFormat
CreateBitmap
GetEnhMetaFileHeader
GetBitmapBits
PolyBezierTo
InvertRgn

comdlg32

GetFileTitleA
PrintDlgW
GetOpenFileNameW

advapi32

IsValidAcl
CryptDestroyKey
GetSecurityDescriptorLength
CloseEventLog
RegRestoreKeyW
RegQueryValueA
SetSecurityDescriptorSacl
CryptSetKeyParam
RegisterEventSourceA
RegEnumValueW
GetNamedSecurityInfoW

shell32

SHGetDesktopFolder

ole32

OleConvertIStorageToOLESTREAM
CreateBindCtx
CreateOleAdviseHolder
StgOpenStorage
OleBuildVersion
CoReleaseMarshalData

oleaut32

SysAllocStringLen

comctl32

ImageList_AddMasked
ImageList_DragLeave
ImageList_DragShowNolock

shlwapi

PathStripPathA
PathRelativePathToA
PathIsRootW
PathFindFileNameW
PathCompactPathExW
StrCpyNW
PathFindFileNameA
StrCatBuffA
StrChrIA
SHSetThreadRef
StrToIntExW
SHQueryValueExW
StrTrimA
SHCopyKeyA
PathFindOnPathW

setupapi

SetupGetInfFileListA
SetupCloseFileQueue
SetupDiSetDeviceInstallParamsW
SetupDiGetClassDevsA
SetupPromptReboot

Sections

.text
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

188c6fd4a7f3038b9ff94bd99b92630d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 284KB - Virtual size: 280KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 7KB

.text
Size: 284KB - Virtual size: 280KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 7KB