3de9de8dbc42899f5c213f09e2238ca2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3de9de8dbc42899f5c213f09e2238ca2_JaffaCakes118
Size

268KB
MD5

3de9de8dbc42899f5c213f09e2238ca2
SHA1

73086c5c29ceca1f36c0b7db2748ca65944be10e
SHA256

4fbbaf487035c8c10ba9fdf1ca515a2c18a938dce295207cffb94056c89aa979
SHA512

42f0ebc110843283543778703c1a6d8f598c4f7a7ed0d4f13956472347df5a408a5e877e7d18d942d7cd59ce534239735316b5b7cd557c874a29bb6d052d99f0
SSDEEP

6144:WKFal4ZTgUBc47NrCU55NFBKL6TrH/JqbOzpdGCBXvjGBoPs:WMay5g6cwNmU55N3/JhTBXvLE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3de9de8dbc42899f5c213f09e2238ca2_JaffaCakes118

Files

3de9de8dbc42899f5c213f09e2238ca2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2daa3980dfa506b11fa13caa8556fa97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterA
GetVersionExA
GetCommandLineA
VirtualAlloc
ExitProcess

user32

EnableScrollBar
GetDlgItemInt
EnumDesktopsW
CopyIcon
OemToCharBuffA
DeleteMenu
SetActiveWindow
GetMenuStringW
GetCaretBlinkTime
InflateRect
IsClipboardFormatAvailable
GetNextDlgGroupItem
PeekMessageA
LoadAcceleratorsA
CheckMenuRadioItem

gdi32

CreateBrushIndirect
GdiComment
Arc

comdlg32

ChooseFontW

advapi32

CryptDeriveKey
SetSecurityDescriptorDacl
GetServiceDisplayNameA
RegSetValueExW
QueryServiceConfigW
RegCloseKey
RegSaveKeyW
IsValidAcl
RegQueryValueExW
EqualSid
CryptReleaseContext
RegFlushKey
PrivilegeCheck
AllocateAndInitializeSid
CryptAcquireContextA
SetSecurityInfo
InitializeSid
RegRestoreKeyW
StartServiceA
GetUserNameA
AddAce
RegCreateKeyW
CreateProcessAsUserA

shell32

SHGetSpecialFolderPathA
FindExecutableA
SHChangeNotify
SHFileOperationA

ole32

CLSIDFromString
OleSave
ReadClassStg
OleCreateFromData
GetClassFile
OleSaveToStream
CoDisconnectObject
OleLockRunning
StgSetTimes

oleaut32

SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayRedim
SafeArrayPutElement
SafeArrayUnaccessData
SysFreeString

comctl32

ImageList_LoadImageW
ImageList_SetOverlayImage
ord17

shlwapi

PathRemoveBlanksW
StrCpyW
PathIsRootW
StrChrIA
StrToIntW
PathIsUNCA
PathFindOnPathW
StrCmpNIA
StrCatBuffA
PathStripPathW
UrlIsW
StrStrA

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2daa3980dfa506b11fa13caa8556fa97

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 23KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 23KB