Static task: static1
Behavioral task: behavioral1
Sample: 4373433440b180818b273ddea9a2e918_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 4373433440b180818b273ddea9a2e918_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 4373433440b180818b273ddea9a2e918_JaffaCakes118
Size: 5.8MB
MD5: 4373433440b180818b273ddea9a2e918
SHA1: 39ff6bb0f81cfb2294d9b1609963adcd1aa84f37
SHA256: 45fe26e879c1728a871c4ee8dc997a772868844822610cd439c1d3e97b10e7af
SHA512: 61fefdc2238635bb398ea7694fecf84cbb8069a2e1be8d1bed5294a7e7065c1ce34fd401634ad737ddc5be244be5c36b4f71a6e79913e3145ab3560a0b29ef65
SSDEEP: 98304:U/BEW8vncvQbpieWDTdZBzRfvjgq/otohzc+R6WmY/1f4uII/pf4lXZ/mgjzN33X:UGLPcWpWBX93UqwtCzltmESWfAZ/tNnX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4373433440b180818b273ddea9a2e918_JaffaCakes118
Files
4373433440b180818b273ddea9a2e918_JaffaCakes118.exe windows:4 windows x86 arch:x86
46500b3a0783dcfa4fed683e10b3cc70
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalFindAtomW
RemoveDirectoryW
CreateDirectoryA
CancelIo
DeleteCriticalSection
LCMapStringA
SetConsoleTitleA
GetCompressedFileSizeW
GetFileAttributesExA
SystemTimeToFileTime
VirtualAlloc
GlobalAddAtomA
InitializeCriticalSection
FreeEnvironmentStringsA
WritePrivateProfileSectionA
GetLongPathNameA
FreeLibraryAndExitThread
GetDiskFreeSpaceW
GetStringTypeExW
GetEnvironmentVariableW
GetShortPathNameA
WaitNamedPipeA
VirtualQueryEx
EraseTape
SetCurrentDirectoryA
GetShortPathNameW
CreateMutexW
EnumResourceLanguagesW
CreateDirectoryW
SuspendThread
FileTimeToLocalFileTime
SetHandleCount
VirtualProtect
SetVolumeLabelA
GetHandleInformation
PulseEvent
GlobalAddAtomW
PeekConsoleInputW
GetSystemDefaultLangID
EnumDateFormatsW
EnumResourceNamesA
VirtualAllocEx
VirtualUnlock
GetSystemDirectoryW
SetEnvironmentVariableA
GetFileInformationByHandle
PeekNamedPipe
SetEndOfFile
LocalLock
RaiseException
EnumSystemCodePagesA
GetPrivateProfileSectionW
LocalReAlloc
GlobalFlags
GetCPInfo
GetConsoleCursorInfo
GetOverlappedResult
GetProfileIntA
CreateNamedPipeW
_lread
WritePrivateProfileSectionW
OpenSemaphoreW
IsValidLocale
FlushConsoleInputBuffer
SwitchToFiber
GetProcessTimes
GetComputerNameW
FindResourceExW
IsDBCSLeadByteEx
ReadFileScatter
GetThreadPriority
GetDriveTypeA
GetVersion
OpenMutexA
IsProcessorFeaturePresent
GetTapeParameters
SetStdHandle
GetSystemInfo
EndUpdateResourceA
ExpandEnvironmentStringsW
GetTempFileNameA
GetLogicalDriveStringsA
SetEnvironmentVariableW
GetUserDefaultLangID
GetProcessHeap
ReadConsoleA
GetACP
PurgeComm
SearchPathW
CloseHandle
ExitProcess
user32
PtInRect
BroadcastSystemMessageW
CreateAcceleratorTableA
LoadImageW
SetDlgItemTextW
PeekMessageW
UnloadKeyboardLayout
MessageBeep
SendNotifyMessageA
TrackPopupMenuEx
wsprintfA
CopyAcceleratorTableW
SetMenuItemInfoW
LoadCursorA
OpenWindowStationA
IsCharLowerW
GetUserObjectSecurity
DialogBoxIndirectParamW
SetMenuItemInfoA
DeferWindowPos
GetKeyboardType
RegisterClassExW
GetScrollRange
DestroyAcceleratorTable
EnableWindow
FlashWindowEx
AdjustWindowRect
GetMenuStringW
GetMenuDefaultItem
BringWindowToTop
CheckMenuItem
SetClipboardData
GetAsyncKeyState
SetWindowsHookExW
EnableScrollBar
KillTimer
ScrollDC
InsertMenuW
GetWindowTextA
EmptyClipboard
ShowOwnedPopups
mouse_event
gdi32
GetOutlineTextMetricsA
PolylineTo
SetWorldTransform
RemoveFontResourceW
SetMapMode
CombineRgn
Ellipse
EqualRgn
CreateMetaFileA
StrokeAndFillPath
GetViewportExtEx
GetEnhMetaFileHeader
EndPath
GetDIBits
GdiFlush
GetTextMetricsA
GetViewportOrgEx
CreateBitmapIndirect
advapi32
GetCurrentHwProfileW
RegOpenKeyA
LogonUserW
LookupAccountNameA
OpenSCManagerA
LogonUserA
AbortSystemShutdownA
SetServiceObjectSecurity
LookupAccountNameW
GetUserNameW
SetSecurityDescriptorGroup
RegQueryInfoKeyA
GetSecurityDescriptorLength
SetEntriesInAclW
StartServiceCtrlDispatcherA
CryptGenKey
NotifyChangeEventLog
CryptSetHashParam
RegConnectRegistryW
CryptGenRandom
CryptEncrypt
GetTokenInformation
RegSetValueW
ChangeServiceConfigA
RegisterServiceCtrlHandlerA
CryptSetKeyParam
QueryServiceStatus
GetSidIdentifierAuthority
AccessCheckAndAuditAlarmW
ImpersonateNamedPipeClient
CryptAcquireContextA
AllocateAndInitializeSid
RegQueryValueA
QueryServiceConfigA
ole32
CoUninitialize
OleConvertIStorageToOLESTREAM
GetClassFile
IIDFromString
OleInitialize
CoCreateInstance
oleaut32
SysStringLen
SafeArrayPutElement
SysFreeString
SafeArrayCreate
VariantChangeType
VariantCopy
SafeArrayRedim
SafeArrayUnaccessData
LoadTypeLibEx
SafeArrayGetLBound
shlwapi
SHRegGetBoolUSValueA
SHGetValueW
StrStrA
PathGetDriveNumberA
StrCpyW
SHDeleteKeyA
msvcrt
_strnicoll
_access
_wsetlocale
_unlink
_mbscpy
_fcvt
setbuf
isupper
_wmakepath
_close
isxdigit
localeconv
strftime
fputws
_wspawnv
_mbscmp
_snprintf
_mbsupr
clearerr
_ltoa
_finite
_mbscat
_open_osfhandle
vwprintf
__p___argv
_wsystem
_wctime
ungetc
_fullpath
atof
_wcslwr
fwprintf
vprintf
Sections
.text Size: 5KB - Virtual size: 226KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ