421eb52e3b2fc2424b4594b0310e64ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

421eb52e3b2fc2424b4594b0310e64ec_JaffaCakes118
Size

23KB
MD5

421eb52e3b2fc2424b4594b0310e64ec
SHA1

84702368c49c5994079f3304a0e1f5e1970faab5
SHA256

27344081d8e93ec7136ae35d4aad585e393bba3b256bebd8ec3fe140a0a5e19a
SHA512

474f61306a6dbb1ab2efa62ee4bb92d065b8aabed3efdde82d6a5b6a5a9cd6d8278bf11aaa4839b41c6029756dedc443cbd1e942721e7d8a78a966884dc9f26d
SSDEEP

384:SY3qBxTZbAWR6d7XIPs6GUxT8MM8nwO6LWcaWxe43FaKTB+VnhSU1G9w:S6qBvbARWA04vCwO2Nxe43FauMhWq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
421eb52e3b2fc2424b4594b0310e64ec_JaffaCakes118

Files

421eb52e3b2fc2424b4594b0310e64ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8190d0cd9de4c26ba60097ffba1a8474

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_cscanf
_mbscoll
wctomb
__p__pwctype
_fcloseall
_wchmod
_unloaddll
_ismbbalpha
_getsystime
_acmdln
_adj_fdivr_m64
_heapchk
__threadid
_spawnvp
_wspawnvp
_except_handler2
abort
tmpnam
_mkdir
_timezone
fgetc
remove
_wputenv
_safe_fdivr
log10
strtol
_ismbcspace
_c_exit
_mbsnicoll
_mbscspn
_futime
_adj_fdivr_m32
_mbslwr
iswprint
_heapwalk
wcstoul
ungetc
_ultoa
strrchr
vfwprintf
_putw
_wunlink
_logb
atof
_wcsicmp
_wfopen
_strcmpi

advapi32

GetNamedSecurityInfoA
RegGetKeySecurity
ObjectOpenAuditAlarmA
GetNamedSecurityInfoExW
SetNamedSecurityInfoExW
CryptDecrypt
SetNamedSecurityInfoA
UnlockServiceDatabase
RegSetKeySecurity
CryptEnumProviderTypesA
ConvertSecurityDescriptorToAccessW
AbortSystemShutdownW

gdi32

PtInRegion
GetNearestColor
CopyEnhMetaFileA
SaveDC
SetLayout
GetROP2
GetObjectA
EnumMetaFile
GetMapMode
GetStockObject
GetMiterLimit
AnimatePalette
GetViewportExtEx
OffsetViewportOrgEx
CreatePen
GetICMProfileW
SetViewportOrgEx
GetObjectType
ExtFloodFill
GetCurrentPositionEx
GetTextCharset
SetLayout
GetTextMetricsA
CancelDC
BitBlt

user32

DispatchMessageW
SetProcessDefaultLayout
EnumDesktopsA
DdeReconnect
DdeQueryConvInfo
GetDlgItem
RegisterDeviceNotificationA
UnregisterClassW
IsCharAlphaNumericA
DdeSetQualityOfService
GetMonitorInfoA
DdeUnaccessData
IsWindowVisible
IsWindow
GetKeyNameTextA
IsClipboardFormatAvailable
ScrollWindowEx
DrawIcon
IsDlgButtonChecked
GetWindowInfo
GetKBCodePage
LockWindowStation
InternalGetWindowText
GetScrollBarInfo
CreateDialogParamA
LoadCursorA
GetCaretPos
LoadStringW
ModifyMenuW
TrackPopupMenuEx
ShowOwnedPopups
DrawTextA

kernel32

FreeLibraryAndExitThread
GetEnvironmentStringsA
CreateWaitableTimerA
FreeConsole
lstrcmpiA
VirtualAllocEx
lstrcmpiW
lstrlenA
GetCommandLineW
GetSystemDirectoryW
CancelDeviceWakeupRequest
GetModuleHandleA
GetLastError
ExitProcess
TerminateProcess
GetNumberOfConsoleMouseButtons
SetWaitableTimer
SetLocalTime
VirtualFree
GetNumberFormatA
SetErrorMode
CreateMailslotA
GetStartupInfoW
BuildCommDCBA
lstrcmpA
GlobalFindAtomA
FindFirstChangeNotificationA
CreateDirectoryW
GetExitCodeProcess
GetLocalTime
GetWindowsDirectoryA
GetProcessHeap
RequestDeviceWakeup
GetStdHandle
GetCalendarInfoA
lstrcmpW
Module32Next
GetModuleHandleW
VirtualUnlock

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ggpqw
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.skbdf
Size: 3KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8190d0cd9de4c26ba60097ffba1a8474

Headers

File Characteristics

Imports

msvcrt

advapi32

gdi32

user32

kernel32

Sections

.text Size: 14KB - Virtual size: 14KB

.ggpqw Size: 4KB - Virtual size: 16KB

.skbdf Size: 3KB - Virtual size: 27KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.ggpqw
Size: 4KB - Virtual size: 16KB

.skbdf
Size: 3KB - Virtual size: 27KB

.reloc
Size: 1024B - Virtual size: 1KB