475daae57326cf39193548477301978d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

475daae57326cf39193548477301978d_JaffaCakes118
Size

388KB
MD5

475daae57326cf39193548477301978d
SHA1

07ca5ad9726cebbe91e78da83526f748948923c7
SHA256

cb225ce328e4fa44287eda02d610922963f6fe87986b4500dcab98607c0c0f16
SHA512

9978594b9e0913a665ca863fdc010e37224ca626ae999c7a751d90ea24532fe353fa09b5f39c3b2e5d86773b1a67180fd29404ecb7147083701d2e8c118322d3
SSDEEP

6144:Hh1Cr5MBA1vgtbU+i2JuryCxkyptvx3bAtSwGcp3SyfK4B5NSxSwepPPlGVUU9nr:OCOuE2MZ00Hcp3SSSbeR49ngFPY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
475daae57326cf39193548477301978d_JaffaCakes118

Files

475daae57326cf39193548477301978d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8aaf11e70c2b71b4d210703b9228d2d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLargestConsoleWindowSize
IsBadReadPtr
GetDriveTypeW
SetProcessWorkingSetSize
PurgeComm
ReadConsoleOutputA
GetVersion
ReleaseSemaphore
GlobalAddAtomW
GetCommConfig
OpenSemaphoreW
GetConsoleMode
SetThreadAffinityMask
EnumDateFormatsW
GetProfileIntA
CreateDirectoryExA
EnumResourceNamesW
FindResourceExW
SetThreadLocale
UnmapViewOfFile
ReadFileScatter
OutputDebugStringA
LoadLibraryExW
FlushConsoleInputBuffer
WriteProcessMemory
VirtualQueryEx
LocalFileTimeToFileTime
EnumSystemCodePagesA
GetCommModemStatus
SetupComm
PulseEvent
DosDateTimeToFileTime
CompareStringA
SetLastError
VirtualAllocEx
GetThreadPriority
WritePrivateProfileStringA
ExpandEnvironmentStringsW
QueryDosDeviceA
_lopen
TryEnterCriticalSection
InitializeCriticalSection
MoveFileW
GetModuleHandleA
GetSystemTimeAsFileTime
EnumTimeFormatsW
SetConsoleTitleA
GenerateConsoleCtrlEvent
WriteConsoleOutputCharacterA
VirtualAlloc
AreFileApisANSI
IsValidLocale
GetUserDefaultLCID
UnhandledExceptionFilter
EnumCalendarInfoW
SetCommMask
FindCloseChangeNotification
SetStdHandle
ReadFile
GetTapeParameters
ConnectNamedPipe
LoadResource
SetVolumeLabelA
ReadConsoleInputW
FillConsoleOutputCharacterA
FindNextChangeNotification
EraseTape
GetDriveTypeA
SetMailslotInfo
GetConsoleCursorInfo
SwitchToFiber
FindFirstFileA
IsBadStringPtrA
GetACP
GetVersionExA
VirtualProtect
GetProcessTimes
GetEnvironmentStringsW
PeekConsoleInputW
LCMapStringA
FileTimeToLocalFileTime
WaitNamedPipeA
_hread
GetBinaryTypeW
ReadDirectoryChangesW
GetEnvironmentVariableW
GetTimeZoneInformation
IsProcessorFeaturePresent
VirtualFree
GetDiskFreeSpaceW
_lread
ExitProcess
GetPrivateProfileStringW
GetFileAttributesA
ScrollConsoleScreenBufferA
GlobalFlags
GetCommState
SetTimeZoneInformation
CreateMutexA
EnumCalendarInfoA
GetCommandLineA
SetConsoleMode
lstrlenA

user32

LoadAcceleratorsW
GetKeyNameTextA
CharPrevA
EnableScrollBar
GetMenuItemCount
GetMonitorInfoW
IsDialogMessageW
WinHelpW
CharToOemW
EnumDesktopWindows
wvsprintfA
GetClassNameW
MsgWaitForMultipleObjects
SendMessageCallbackW
TrackPopupMenu
ShowWindow
CreateAcceleratorTableW
ShowScrollBar
DrawTextA
GetClipboardData
SetScrollRange
CharPrevW
DrawIcon
SetClipboardViewer
GetQueueStatus
IsWindowVisible
InflateRect
GetMenuCheckMarkDimensions
GetMenuState

gdi32

SelectPalette
DeleteMetaFile
GetStretchBltMode
EqualRgn
CreateICA
OffsetWindowOrgEx
CreateMetaFileA
ExtTextOutW
LineTo
SetROP2
Rectangle
PathToRegion
ExtEscape

comdlg32

GetFileTitleW

advapi32

SetEntriesInAclW
OpenSCManagerW
GetSecurityDescriptorSacl
BuildTrusteeWithSidW
ObjectDeleteAuditAlarmW
LookupAccountSidW
RegEnumKeyExW
ReportEventA
RegisterServiceCtrlHandlerW

shell32

SHGetSpecialFolderPathA
SHFileOperationW
SHChangeNotify
FindExecutableW
FindExecutableA

oleaut32

VariantCopy
SafeArrayRedim

comctl32

ImageList_SetDragCursorImage
ImageList_GetIcon

shlwapi

StrRetToStrW
PathAppendW
PathUnquoteSpacesA
StrCmpW
wvnsprintfW
StrCmpNA
PathFindExtensionA
PathRemoveFileSpecW
PathIsPrefixW
PathAddBackslashA
SHDeleteKeyA
SHRegOpenUSKeyW
PathRemoveExtensionW

Sections

.text
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8aaf11e70c2b71b4d210703b9228d2d5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

shlwapi

Sections

.text Size: 332KB - Virtual size: 330KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 44KB - Virtual size: 43KB

.text
Size: 332KB - Virtual size: 330KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 44KB - Virtual size: 43KB