470168160eef521f0bd5f6ecca46e6c0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

470168160eef521f0bd5f6ecca46e6c0_JaffaCakes118
Size

328KB
MD5

470168160eef521f0bd5f6ecca46e6c0
SHA1

00daabff3f8ee8ece2aca725b46361fcca652db6
SHA256

0a3b4ba32caed8e9e89ae7d9ebfa418630cb057d2241c53ad5af33e7df6eea14
SHA512

c9ac18c1134756dd95cba4c4b1457649cc3536c68ba7d6e89e63b25872668c0d70f2ea6c9ce06e71ba1f63052ac17f3570989fe23e797b30e014c1bf5322b293
SSDEEP

6144:aXUSF5noIazHwPJnC7bQafoKPGmv6hneF2AZixdkW1kI4hoPQS:aLjoQJgHfojm0necSwPcm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
470168160eef521f0bd5f6ecca46e6c0_JaffaCakes118

Files

470168160eef521f0bd5f6ecca46e6c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da694474755cac3adcbd752dd0d140d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
SetStdHandle
_lread
TryEnterCriticalSection
GetEnvironmentStringsW
GetTapeParameters
GetACP
LoadLibraryExW
CreateIoCompletionPort
EnumResourceNamesA
GetThreadPriority
GetCurrentProcess
GetNumberFormatW
GetPrivateProfileStringA
GetPrivateProfileStringW
CancelIo
GetProcessHeap
GetLogicalDriveStringsA
LocalSize
GetCommandLineA
ExitProcess
lstrlenA
VirtualProtect

user32

InvalidateRect
EnableMenuItem
GetDC
GetMessageW
AdjustWindowRectEx
WinHelpA
SetUserObjectSecurity
CharNextA
OpenDesktopW
GetClipboardOwner
CreateDialogIndirectParamW
PeekMessageW
GetForegroundWindow
GetScrollPos
ShowWindowAsync
GetCaretBlinkTime
GetMenuStringW
PtInRect
UpdateWindow
OemToCharBuffA
CloseWindowStation
GetProcessDefaultLayout
TabbedTextOutW
DefDlgProcW
GetMenuDefaultItem
GetWindowTextA
GetThreadDesktop
LoadCursorA
CloseDesktop
SetScrollRange
InvalidateRgn
SetMenuItemBitmaps
FrameRect
SystemParametersInfoA
SetProcessWindowStation

gdi32

CreatePatternBrush
StretchDIBits
SetDIBitsToDevice
SetArcDirection
CreateDIBPatternBrushPt
CreateDIBSection
DPtoLP
PathToRegion
SetWindowOrgEx
PolyDraw
GetBkColor
EqualRgn
SetRectRgn
SelectClipPath

advapi32

RegOpenKeyExA
CryptDestroyKey
CloseEventLog
ClearEventLogW
CloseServiceHandle
MakeSelfRelativeSD
SetFileSecurityA
SetEntriesInAclA
GetNamedSecurityInfoA
CopySid
RegQueryValueExW
CryptGenKey
GetAce
RegCreateKeyExA
RegisterEventSourceA

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal
OleGetIconOfClass
OleSaveToStream
CoCreateInstanceEx

comctl32

ImageList_Create
ImageList_Merge
ImageList_Destroy

shlwapi

StrChrIA
StrFormatByteSize64A
SHDeleteKeyA
SHRegOpenUSKeyW
StrCmpNIA
wvnsprintfW
SHDeleteKeyW
SHStrDupW
StrCmpLogicalW
SHRegSetUSValueW
PathCompactPathW
StrChrW
PathIsFileSpecA

setupapi

SetupDiSetDeviceInstallParamsW
SetupOpenFileQueue
SetupDiCreateDeviceInfoA
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsW
SetupCloseFileQueue
SetupDiOpenDeviceInterfaceW
SetupDiCreateDeviceInfoList
SetupPromptReboot

Sections

qKdnE
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

LazthBs
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

jSHeq
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fqZDA
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da694474755cac3adcbd752dd0d140d7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

shlwapi

setupapi

Sections

qKdnE Size: 284KB - Virtual size: 281KB

LazthBs Size: 4KB - Virtual size: 3KB

jSHeq Size: 28KB - Virtual size: 26KB

fqZDA Size: 8KB - Virtual size: 4KB

qKdnE
Size: 284KB - Virtual size: 281KB

LazthBs
Size: 4KB - Virtual size: 3KB

jSHeq
Size: 28KB - Virtual size: 26KB

fqZDA
Size: 8KB - Virtual size: 4KB