4027d4d63c3ee0394cd31e581636d156_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4027d4d63c3ee0394cd31e581636d156_JaffaCakes118
Size

348KB
MD5

4027d4d63c3ee0394cd31e581636d156
SHA1

24ca4796cd77a681016847e558a933be00a55ee0
SHA256

c12ec820550ddbc9a9040a98b799b7cf432307a0332d3382a3336ea799e6d031
SHA512

6c82dcae975d092aca4b401b6eac58c7dab50250484daa28913f347c3c9042cd9b177af24e40211514fb1264ebda96722bac5d8e13c9e96d3350dc90225c3ac9
SSDEEP

6144:e65UwndLawYpwFRZpR87dXVv97k7k3V5Hu2YUMhM9Aijg/D+FxH/yksVy6t67B+8:eUDV6wPHOpp9oIVFunUMq7jg/2VUVZa9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4027d4d63c3ee0394cd31e581636d156_JaffaCakes118

Files

4027d4d63c3ee0394cd31e581636d156_JaffaCakes118
.exe windows:4 windows x86 arch:x86

996ae513724f7428d2019e31ee9e134e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetSystemDefaultLangID
FindFirstFileW
WaitNamedPipeA
GlobalFindAtomW
GlobalReAlloc
GetACP
EnumTimeFormatsW
CancelIo
GetCurrentProcess
SetConsoleWindowInfo
IsDBCSLeadByteEx
CompareStringA
SetEndOfFile
LoadLibraryExW
PeekConsoleInputW
ReleaseSemaphore
LeaveCriticalSection
SetThreadAffinityMask
GetCompressedFileSizeW
GetFullPathNameA
GetFileInformationByHandle
CreateEventA
CreateDirectoryW
GetTimeZoneInformation
GetLocaleInfoW
GetSystemDirectoryW
LocalLock
SetMailslotInfo
IsBadStringPtrA
SystemTimeToFileTime
ReleaseMutex
GlobalGetAtomNameW
SetTimeZoneInformation
EnumResourceNamesA
GetThreadPriority
QueryDosDeviceW
VirtualFree
WritePrivateProfileSectionW
VirtualLock
ConnectNamedPipe
WriteConsoleOutputW
GetLogicalDriveStringsA
GlobalDeleteAtom
ReadDirectoryChangesW
OutputDebugStringW
SetProcessWorkingSetSize
GetEnvironmentStringsW
GetCurrentDirectoryW
SetErrorMode
VirtualProtect
GetVersionExA
GetCommandLineA
LoadResource
ExitProcess
RemoveDirectoryA
FreeEnvironmentStringsA
GetCommModemStatus
SetConsoleOutputCP
GetCurrentProcessId
SetConsoleMode
RaiseException
FindResourceExW
FreeResource
CreatePipe
EnumCalendarInfoA
LoadLibraryExA
FreeLibraryAndExitThread
SuspendThread
lstrlenA

user32

CharLowerW
CopyIcon
ChildWindowFromPoint
IsCharUpperA
DrawEdge
ShowOwnedPopups
PostMessageW
CreateWindowExW
MonitorFromRect
SetMenuItemInfoA
GetDlgItemTextA
GetClipboardFormatNameW
TrackPopupMenuEx
BroadcastSystemMessageW
GetScrollRange
LoadKeyboardLayoutW
ScrollWindow
DeferWindowPos
EnumWindowStationsW
GetWindowTextA
CharUpperBuffA
RegisterClipboardFormatA
MonitorFromPoint
GetWindowTextW
CopyAcceleratorTableW
GetMenuDefaultItem
GetKeyboardState
GetAncestor
EndPaint
GetWindowInfo
ChangeMenuW
GetTabbedTextExtentA
SetWindowContextHelpId
CharLowerBuffA
IsZoomed
LoadImageA
GetSystemMenu
DestroyCursor
InternalGetWindowText
OpenInputDesktop
OffsetRect
PostThreadMessageW
GetAsyncKeyState
GetWindowLongW

gdi32

DeleteDC
GetTextExtentPoint32A
CreateBrushIndirect
DeleteEnhMetaFile
GetLayout
GetTextAlign
CreateHatchBrush
ResizePalette
PatBlt
IntersectClipRect
CopyMetaFileW
RectVisible

advapi32

CreateProcessAsUserW
BuildSecurityDescriptorW
ImpersonateLoggedOnUser

shell32

SHFileOperationA
SHGetDesktopFolder
ExtractIconExW

ole32

MkParseDisplayName

oleaut32

VariantCopy
SysStringLen
SafeArrayUnaccessData
LoadTypeLibEx
SafeArrayGetElement
SafeArrayPutElement

shlwapi

StrStrW
StrDupW
StrTrimA

setupapi

SetupDiSetSelectedDevice
SetupScanFileQueueW
SetupOpenFileQueue
SetupIterateCabinetA
SetupOpenAppendInfFileW
SetupIterateCabinetW
SetupDiGetDeviceInstanceIdA
SetupGetInfFileListA
SetupDiGetClassDevsA
SetupInitDefaultQueueCallback

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

996ae513724f7428d2019e31ee9e134e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 332KB - Virtual size: 331KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 332KB - Virtual size: 331KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB