4bc7efaad8ea5606342623e660f021d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4bc7efaad8ea5606342623e660f021d7_JaffaCakes118
Size

937KB
MD5

4bc7efaad8ea5606342623e660f021d7
SHA1

6fc2ce78e5ff4e9ec7dde62a7ef2cb2277ba5b1f
SHA256

416bc9bec1f918b68d1a3949dd4796613b348512f684fc5050df4c1ab2b7ca1a
SHA512

d71b8ef8bf0083901664d4f3da2b55c44b7694819d002dc1d8940de75717c4d362efc2c7c104555cee0aea773c480b1b1aef49ace0d54dfab4ecfe269c5354c0
SSDEEP

24576:3f1lLY+UKbQXNrWHxwssGPAYRQQtPpxDtjUL:3f1G+UKkKpjPAkVPftji

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bc7efaad8ea5606342623e660f021d7_JaffaCakes118

Files

4bc7efaad8ea5606342623e660f021d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97b181fe8d26f2f0713057294ec60bbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetFileAttributesExA
Beep
GetConsoleCursorInfo
LocalSize
SwitchToFiber
ReleaseMutex
SetSystemTime
GetLongPathNameA
GetBinaryTypeW
ClearCommBreak
CopyFileExW
GetConsoleMode
TlsGetValue
WritePrivateProfileStructA
GlobalFlags
IsBadWritePtr
ExpandEnvironmentStringsW
GlobalAddAtomW
CreateDirectoryA
GetTapeStatus
VirtualQueryEx
SetConsoleCursorPosition
GetBinaryTypeA
CreateMutexA
GlobalFindAtomW
ExitProcess
GlobalGetAtomNameW
SetEnvironmentVariableA
SetThreadLocale
lstrcmpA
FindFirstFileExW
IsBadReadPtr
GlobalFindAtomA
FormatMessageW
FindFirstFileA
FindCloseChangeNotification
RemoveDirectoryW
SetEndOfFile
CreateWaitableTimerA
GetSystemDirectoryW
GetDriveTypeW
ReleaseSemaphore
GetUserDefaultLCID
FreeLibraryAndExitThread
SearchPathW
GetCurrentDirectoryW
OutputDebugStringA
GetFileType
LocalReAlloc
WaitNamedPipeA
GetProcessHeap
VirtualLock
TryEnterCriticalSection
IsProcessorFeaturePresent
DeleteFiber
GetNumberFormatW
GetThreadPriority
GetDriveTypeA
EnumResourceNamesA
VirtualAllocEx
GetFileAttributesA
OpenMutexA
SetMailslotInfo
GetLocaleInfoW
PeekConsoleInputW
FreeResource

user32

SystemParametersInfoW
SetWindowsHookExW
LoadBitmapW
SwitchToThisWindow
LoadMenuW
SetProcessWindowStation
EnumWindowStationsA
GetClassNameA
EndPaint
EnableMenuItem
SetProcessDefaultLayout
IsMenu
GetDlgItemTextA
CreateMDIWindowW
UnregisterDeviceNotification
GetWindowTextLengthW
MapWindowPoints
InsertMenuItemW
GetScrollInfo
SendNotifyMessageW
DispatchMessageA
CreateCaret
SetClipboardData
GetWindowTextA
SetPropW
SwitchDesktop
CallNextHookEx
SendMessageTimeoutW
SendMessageA
CountClipboardFormats
keybd_event
IsCharLowerW
PtInRect
CheckMenuItem
ShowCursor
CallWindowProcW
GetWindowPlacement
EnableWindow
SetRectEmpty
HiliteMenuItem
SetWinEventHook
CharToOemBuffA
CreatePopupMenu
SetWindowTextA
LoadIconA
GetClientRect
GetPropA
GetActiveWindow
CheckDlgButton
GetSystemMetrics
GetCursorPos
TranslateAcceleratorW
DispatchMessageW
CreateDesktopA
CharUpperA
MessageBoxIndirectW
GetWindowInfo
GetGuiResources
BeginDeferWindowPos
MonitorFromRect
CreateDialogIndirectParamA
CopyAcceleratorTableW
GetTabbedTextExtentW
GetTopWindow
GetKeyboardLayoutNameA
PeekMessageW

gdi32

GetEnhMetaFilePaletteEntries
RectInRegion
SetBkMode
CopyMetaFileW
Rectangle
SetRectRgn
Polygon
RealizePalette
GetStretchBltMode
CreateFontIndirectW
SetPolyFillMode
ExtEscape
ChoosePixelFormat
ExtTextOutW
CloseFigure
ExtCreateRegion

advapi32

RegLoadKeyA
RegisterServiceCtrlHandlerW
RegDeleteValueA
ImpersonateNamedPipeClient
CryptVerifySignatureA
RegQueryValueW
RevertToSelf
BuildTrusteeWithNameW
SetTokenInformation
RegSetValueA
CopySid
RegOpenKeyW
RegOpenKeyExA
AbortSystemShutdownA
GetFileSecurityA
AdjustTokenPrivileges
RegDeleteValueW
CryptHashData
CryptDecrypt
LookupPrivilegeValueA
EnumDependentServicesW
RegCreateKeyExW
CryptReleaseContext

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
Shell_NotifyIconA
SHLoadInProc
FindExecutableW

ole32

OleCreate
CoInitializeEx
ReadClassStm
OleGetIconOfClass
CoMarshalInterThreadInterfaceInStream
OleCreateFromData
OleBuildVersion

oleaut32

SafeArrayRedim
SafeArrayGetElement
SafeArrayCreate
SysStringLen

comctl32

ImageList_BeginDrag
_TrackMouseEvent
ImageList_GetIconSize

shlwapi

PathAppendW
SHStrDupW
PathCanonicalizeW
ChrCmpIW
PathRelativePathToW
PathCanonicalizeA
SHRegCloseUSKey
PathIsURLW
PathFindFileNameW
SHRegGetUSValueW
StrToIntExW
PathAppendA
StrFormatByteSize64A
StrStrIA
UrlCombineW
PathStripToRootA
PathAddBackslashA
StrStrW
AssocQueryStringW

Sections

.text
Size: 11KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 611KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97b181fe8d26f2f0713057294ec60bbc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 11KB - Virtual size: 228KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 611KB - Virtual size: 611KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 11KB - Virtual size: 228KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 611KB - Virtual size: 611KB

.rsrc
Size: 17KB - Virtual size: 16KB