43d207c414f62f8721810d089cee0566_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

43d207c414f62f8721810d089cee0566_JaffaCakes118
Size

1.6MB
MD5

43d207c414f62f8721810d089cee0566
SHA1

5b7c79c6fdfad71a1351737a145218553708a433
SHA256

7384c79faceb62a3a7db6d8fce292100d4e67b882aa4e81bf127593f1b027e42
SHA512

a04c2baccfb30b88853e959ed68e4b08bf2e4fd3582d49426ce1b799da47ef653197b1610a482280159d0458cb715051bbda995fab38604b248d783eab129aa1
SSDEEP

49152:gTUYQgyrdHojE9/LpY6p2U58yyxN1QpNwE50:gwY/KIjE9DpkU5yXQM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43d207c414f62f8721810d089cee0566_JaffaCakes118

Files

43d207c414f62f8721810d089cee0566_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e891acd874893a72b2ec7476e6d750dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DosDateTimeToFileTime
GetCommModemStatus
VirtualAlloc
lstrcpynA
GetPrivateProfileStringW
SetFileAttributesA
SetProcessAffinityMask
GetConsoleCursorInfo
SetTimeZoneInformation
WriteConsoleOutputCharacterA
EnumCalendarInfoA
ReadFile
SetThreadAffinityMask
FlushFileBuffers
FileTimeToLocalFileTime
FreeEnvironmentStringsA
IsBadReadPtr
EnumResourceLanguagesW
RaiseException
WritePrivateProfileSectionA
EraseTape
_lread
ReadConsoleA
CreateDirectoryA
EnumTimeFormatsW
EnumSystemCodePagesA
LocalReAlloc
GetShortPathNameW
GetProcessHeap
FlushConsoleInputBuffer
SizeofResource
GetVersion
GetUserDefaultLCID
GetEnvironmentVariableW
RemoveDirectoryW
SetStdHandle
GetDateFormatA
FindNextChangeNotification
ReadDirectoryChangesW
EnumResourceNamesA
FreeResource
SwitchToFiber
DebugBreak
QueryDosDeviceA
GetSystemDirectoryW
ExpandEnvironmentStringsW
FindCloseChangeNotification
IsBadWritePtr
OpenFile
LeaveCriticalSection
EnumResourceNamesW
_lopen
EnumCalendarInfoW
LocalAlloc
GetACP
VirtualQueryEx
LoadLibraryExW
GlobalAddAtomW
GetTickCount
DuplicateHandle
GetCommState
TryEnterCriticalSection
OutputDebugStringW
SuspendThread
VirtualFree
SetCurrentDirectoryA
SetConsoleCursorPosition
GetNumberFormatW
SetEnvironmentVariableA
SetThreadPriorityBoost
IsDBCSLeadByteEx
ExitProcess

user32

GetUserObjectInformationA
ToAscii
CountClipboardFormats
EnumThreadWindows
ChangeDisplaySettingsExA
InvertRect
VkKeyScanW
FindWindowExW
DefMDIChildProcA
GetQueueStatus
GetMenuStringA
DrawIconEx
GrayStringW
RegisterDeviceNotificationW
LoadIconA
IsRectEmpty
OemToCharBuffA
WindowFromPoint
SetClassLongW
SendDlgItemMessageA
GetScrollPos
SetMenuItemBitmaps
ClientToScreen
GetSystemMenu
RegisterClipboardFormatA
GetKeyNameTextA
AttachThreadInput
SetScrollPos

gdi32

EnumFontsA
EnumFontFamiliesA
GetGlyphOutlineW
CreatePolygonRgn
GetCharacterPlacementA
FillPath
ExtCreateRegion
GetEnhMetaFileHeader
LineTo
IntersectClipRect
CreateEllipticRgn
SetPixelV
GetCharWidthA
InvertRgn
ChoosePixelFormat
CreateFontIndirectW
AddFontResourceW
CreateDIBPatternBrush
GetDeviceCaps
CreatePen

comdlg32

PageSetupDlgA

advapi32

StartServiceA
RegOpenKeyExA
MapGenericMask
OpenSCManagerA
RegDeleteValueA
RegCreateKeyA
RegEnumValueA
SetFileSecurityA
LookupAccountNameW
AbortSystemShutdownA
CreateServiceW
GetServiceDisplayNameA
CreatePrivateObjectSecurity

shell32

SHGetDesktopFolder
Shell_NotifyIconW
DragFinish
SHFileOperationA
ExtractIconExW

ole32

CoFileTimeNow
OleInitialize
MkParseDisplayName
CoRegisterClassObject
ProgIDFromCLSID

oleaut32

VariantCopy
SetErrorInfo
SafeArrayUnaccessData
LoadTypeLibEx
LoadTypeLi
SysStringLen
SafeArrayPutElement
SysFreeString

comctl32

ImageList_SetOverlayImage
ord17
ImageList_SetImageCount

shlwapi

PathFindExtensionW
SHRegOpenUSKeyW
StrCmpW
PathRemoveFileSpecW
StrChrA
StrTrimW
StrRetToBufW
SHSetThreadRef
PathIsDirectoryA
StrFormatByteSizeA
StrCmpNW
UrlCombineW
PathIsRelativeW
SHRegCloseUSKey
PathGetArgsW
StrDupA

Sections

.text
Size: 2KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e891acd874893a72b2ec7476e6d750dc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 2KB - Virtual size: 219KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 219KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 17KB - Virtual size: 16KB