Static task: static1
Behavioral task: behavioral1
Sample: 459f3ac19a796497986e9901d5ab25e9_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 459f3ac19a796497986e9901d5ab25e9_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 459f3ac19a796497986e9901d5ab25e9_JaffaCakes118
Size: 296KB
MD5: 459f3ac19a796497986e9901d5ab25e9
SHA1: 75d5ebe72e1ba615db4d65817d0a9f14aca64438
SHA256: 2dd0e41f06ff84169274fff5d1a93b33c214ddeb4d3601875052a8d8ebe398b6
SHA512: c4ba34d8d0cd7182adb1a7420c990c8c7f60f40cdb8e168067adeee318533e58afda42e3e58f20c409e4e32b90a4a22785c22975c1980b1d745ec2435f7251db
SSDEEP: 6144:JKj/lBhJM9v9gYnwG7Orh7UFo7y4TEdE:JC/LTM9voG6rh75O4n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 459f3ac19a796497986e9901d5ab25e9_JaffaCakes118
Files
459f3ac19a796497986e9901d5ab25e9_JaffaCakes118.exe windows:4 windows x86 arch:x86
26dc9f299bf8449df46326c252574c99
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleOutputW
SetLastError
GetFileAttributesExA
SizeofResource
SetEnvironmentVariableW
GetFileInformationByHandle
ReleaseSemaphore
FatalAppExitA
ExpandEnvironmentStringsW
LoadResource
GetPrivateProfileStringW
FormatMessageW
GetTapeParameters
IsBadReadPtr
SetCommTimeouts
OpenMutexA
PrepareTape
lstrcatW
GetBinaryTypeA
LocalSize
GetConsoleMode
EraseTape
UnhandledExceptionFilter
SetCurrentDirectoryA
AreFileApisANSI
EnumSystemCodePagesW
LocalAlloc
EnumSystemCodePagesA
VirtualLock
FindFirstFileW
GetDiskFreeSpaceW
SetProcessWorkingSetSize
GetCompressedFileSizeW
CreateMutexA
SetMailslotInfo
TryEnterCriticalSection
CreateNamedPipeW
GetCommState
CopyFileExW
ReleaseMutex
SetConsoleActiveScreenBuffer
PulseEvent
GetSystemTimeAsFileTime
GetShortPathNameW
VirtualQuery
DuplicateHandle
lstrcmpiA
GlobalFree
MoveFileW
GetEnvironmentStringsW
VirtualAlloc
GetSystemTime
PeekNamedPipe
LoadLibraryExA
SetHandleCount
ReadFileScatter
LocalFileTimeToFileTime
GetProcessHeap
VirtualProtect
GetModuleHandleA
CompareStringW
SetEvent
FileTimeToLocalFileTime
FindCloseChangeNotification
GetFileType
GenerateConsoleCtrlEvent
GetCommModemStatus
EnumTimeFormatsW
SetSystemTime
GetFileAttributesA
PeekConsoleInputW
GetStartupInfoA
GetWindowsDirectoryA
GetDriveTypeA
_lopen
GetBinaryTypeW
lstrcpynA
FlushConsoleInputBuffer
GetTickCount
CreateFileW
CreateEventA
SwitchToFiber
CreateIoCompletionPort
GetOEMCP
WritePrivateProfileSectionW
_lclose
GetCurrentProcessId
GetTempFileNameA
VirtualUnlock
FindResourceExW
EnumCalendarInfoA
LocalLock
SetNamedPipeHandleState
CreatePipe
CreateDirectoryExA
DeleteCriticalSection
lstrlenA
user32
GetMenuInfo
IsCharLowerA
GetFocus
ClientToScreen
GetWindowTextA
SetWindowPos
CreateCaret
PostQuitMessage
GetDCEx
EnumThreadWindows
SetCursor
EnableWindow
GetKeyboardLayoutNameA
EnumChildWindows
RegisterClassA
SetScrollInfo
ScrollDC
DefWindowProcA
SetRect
EqualRect
ReplyMessage
GetKeyboardState
GetNextDlgTabItem
GetProcessWindowStation
VkKeyScanA
IsWindowVisible
GetClassNameW
SetCapture
UnregisterDeviceNotification
GetSystemMetrics
GetInputState
SetCursorPos
ShowCaret
SetWindowLongA
CharPrevA
UpdateWindow
GetDlgItem
LookupIconIdFromDirectory
gdi32
CreateEnhMetaFileA
CreateFontA
RectInRegion
GetStockObject
GetTextMetricsA
ExtTextOutA
SetArcDirection
SetStretchBltMode
CopyEnhMetaFileW
GetTextExtentPointW
comdlg32
ReplaceTextA
advapi32
GetAce
RegQueryInfoKeyA
SetServiceObjectSecurity
RegRestoreKeyW
GetExplicitEntriesFromAclW
ObjectCloseAuditAlarmW
GetFileSecurityA
DuplicateToken
CryptImportKey
ImpersonateLoggedOnUser
OpenServiceW
InitializeSid
CreatePrivateObjectSecurity
CryptGetHashParam
AddAccessDeniedAce
CryptDestroyHash
AddAccessAllowedAce
GetSidSubAuthority
GetFileSecurityW
AllocateAndInitializeSid
LookupAccountSidW
GetSecurityDescriptorSacl
RegSaveKeyA
LookupPrivilegeNameA
shell32
SHGetDesktopFolder
DragQueryPoint
SHGetSpecialFolderLocation
ExtractIconExW
Shell_NotifyIconW
Shell_NotifyIconA
ole32
OleCreateLink
ReadFmtUserTypeStg
CoFileTimeNow
CreateOleAdviseHolder
CoImpersonateClient
OleCreateMenuDescriptor
OleCreate
CreateStreamOnHGlobal
oleaut32
SafeArrayCreate
shlwapi
PathGetDriveNumberW
StrCmpIW
StrStrIW
SHRegGetUSValueW
StrToIntW
PathCompactPathExW
PathGetDriveNumberA
msvcrt
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_controlfp
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 280KB - Virtual size: 279KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE