494772106ccc7c46193b0838eb4596ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

494772106ccc7c46193b0838eb4596ad_JaffaCakes118
Size

388KB
MD5

494772106ccc7c46193b0838eb4596ad
SHA1

02b5ee3c2544a6e1369be025215fe4fdecc22deb
SHA256

91109f9a8c8d6b4ade1676b7c8a7b11c9c6d0a2851161a74c66e549095b37647
SHA512

dfcfca1b21f711ed94e86fcff9875517d268787f53bbd50a46d2e45fd358a0506c8d52478f1b57255b9353fc32cbe7632ee10ff806bfab3c26219827d197698a
SSDEEP

6144:DFSYfovotMGjLOobsHoXnE6qJwmzu1CsTPVVwh6gUgwNbOSeTi3:JFfrLbwH8qVwVVwwuseT4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
494772106ccc7c46193b0838eb4596ad_JaffaCakes118

Files

494772106ccc7c46193b0838eb4596ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5bce7b98bd669e48b7634ede0774df3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GlobalGetAtomNameW
SetCommMask
SetCurrentDirectoryA
IsBadWritePtr
GetCurrentProcess
GetTempPathW
EndUpdateResourceA
GetCommConfig
SwitchToFiber
OpenFile
GetConsoleCursorInfo
OutputDebugStringW
WriteFile
LoadLibraryExA
LeaveCriticalSection
FindFirstFileW
FlushConsoleInputBuffer
lstrcmpA
SetEndOfFile
CreateDirectoryExA
GetDateFormatA
GetFullPathNameA
GetLargestConsoleWindowSize
GetConsoleMode
CreateDirectoryA
GetPrivateProfileStringW
FileTimeToLocalFileTime
GetThreadPriority
GetCommState
FatalAppExitA
CreateMutexA
QueryDosDeviceA
EnumCalendarInfoW
LocalReAlloc
GetDiskFreeSpaceW
LocalAlloc
ExitProcess
GetFileAttributesExA
CreateDirectoryW
CreateNamedPipeW
_lopen
GlobalUnlock
GetLongPathNameA
VirtualLock
SetProcessAffinityMask
PrepareTape
WritePrivateProfileStringA
PeekConsoleInputW
GetOverlappedResult
Beep
OpenSemaphoreW
UnmapViewOfFile
MoveFileExA
VirtualProtect
GetCommandLineA
GetSystemDirectoryW
lstrcpyA
CloseHandle
EraseTape
SetHandleCount
EnumTimeFormatsW
GetModuleHandleA
WriteConsoleOutputCharacterA
GetModuleFileNameW
VirtualUnlock
GetVersionExA

user32

PeekMessageA
InsertMenuW
SetForegroundWindow
GetSubMenu
ChangeDisplaySettingsExA
LoadStringA
GetWindowDC
EnumDisplayDevicesA
GetMessageA
IsCharAlphaW
TileWindows
TrackPopupMenuEx
keybd_event
GetSysColorBrush
TabbedTextOutW
TranslateAcceleratorW
MapDialogRect
UnionRect
AttachThreadInput
LoadStringW
CheckMenuItem
MapVirtualKeyExW
PostThreadMessageW
SetRectEmpty
GetClipboardFormatNameW
GetMenuCheckMarkDimensions
IsCharAlphaNumericW
ShowCaret
DestroyCaret
TranslateAcceleratorA
GetKeyboardState
MsgWaitForMultipleObjectsEx
GetKeyState
SetCursorPos
IsCharAlphaA
GetWindowPlacement
CreateIcon
GetWindowContextHelpId
GrayStringW
GrayStringA
InSendMessage
CreateWindowExW
GetDlgCtrlID
DrawStateW
GetTabbedTextExtentA
EqualRect
SetActiveWindow
ValidateRgn

gdi32

GetMetaFileBitsEx

comdlg32

PageSetupDlgA
PrintDlgW
GetOpenFileNameW
GetFileTitleW

advapi32

CryptVerifySignatureA
GetServiceKeyNameW
GetAclInformation
MakeSelfRelativeSD
SetFileSecurityA
RegisterServiceCtrlHandlerA

shell32

FindExecutableA
SHGetDesktopFolder
Shell_NotifyIconA
ExtractIconExW

ole32

CoGetTreatAsClass
CoRegisterClassObject
IIDFromString
OleConvertIStorageToOLESTREAM
StgSetTimes

oleaut32

SysFreeString
SafeArrayGetElement
VariantCopy

comctl32

DestroyPropertySheetPage

shlwapi

SHSetValueW
StrRetToStrW
SHSetThreadRef
SHOpenRegStream2W
PathFileExistsA
PathCanonicalizeW
SHDeleteValueW
StrCatW
PathRemoveBackslashW
StrCpyNW
PathRelativePathToW
PathIsSameRootW
StrDupA
PathSkipRootW
UrlCreateFromPathW
UrlCanonicalizeW
PathUnquoteSpacesA
PathFindOnPathW
wvnsprintfW

setupapi

SetupCloseLog
SetupDiBuildClassInfoList
SetupOpenAppendInfFileW
SetupInstallFromInfSectionW
SetupDiEnumDeviceInterfaces
SetupDiEnumDriverInfoW
SetupDiGetClassDescriptionExA
SetupGetTargetPathW
SetupDiClassNameFromGuidW
SetupOpenInfFileA
SetupIterateCabinetA

Sections

.text
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b5bce7b98bd669e48b7634ede0774df3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 332KB - Virtual size: 330KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 44KB - Virtual size: 40KB

.text
Size: 332KB - Virtual size: 330KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 44KB - Virtual size: 40KB