4a0f055efa0f6fa631971170abaf1784_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a0f055efa0f6fa631971170abaf1784_JaffaCakes118
Size

252KB
MD5

4a0f055efa0f6fa631971170abaf1784
SHA1

27808c1c2b938221e4da73f83711d976581834d6
SHA256

2438a3e98d0f987c5185774cc959a8976eab8dc452f00a03fc43f74a8b2ab8dc
SHA512

412f43c22339dab16dbb9b21372d1d255af06613230255c470b26a5a2c113095a0711beffbdcbc0a434e1c2fe5c0f61369bb776df0b900b454b75f167f311ed0
SSDEEP

6144:GN6XG/1dQ2iTbe4n9Emmj2GzaJAhbYHbLT9Fm4bb9xxf2:AH+2Qe4n9EmdGGJAWr9k4bxH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a0f055efa0f6fa631971170abaf1784_JaffaCakes118

Files

4a0f055efa0f6fa631971170abaf1784_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43cf173a4ffcd40d1d289a09366ee81a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
FormatMessageA
SetConsoleWindowInfo
ConnectNamedPipe
lstrcmpiA
IsBadStringPtrA
PulseEvent
GetSystemTime
CreateNamedPipeW
LocalLock
GlobalFree
SetCommTimeouts
PeekConsoleInputW
GetHandleInformation
WaitNamedPipeA
SetNamedPipeHandleState
GetDateFormatA
GetCommModemStatus
SetLastError
VirtualQuery
GetCommandLineA
GetEnvironmentStringsW
SetErrorMode
ExpandEnvironmentStringsW
_llseek
ClearCommBreak
GetThreadPriority
PurgeComm
ReadFile
GetACP
SetConsoleActiveScreenBuffer
LeaveCriticalSection
CreateFileW
GetConsoleMode
GetCommConfig
SwitchToFiber
FindResourceExA
LoadResource
CreateMutexA
SetProcessShutdownParameters
FreeEnvironmentStringsA
PeekNamedPipe
SuspendThread
EnumSystemCodePagesW
GlobalFindAtomW
GetShortPathNameA
GlobalDeleteAtom
SetEvent
GlobalReAlloc
EnumResourceLanguagesW
GlobalGetAtomNameW
SetHandleCount
GetConsoleCursorInfo
GetProcessTimes
LocalReAlloc
DebugBreak
GlobalFlags
VirtualAllocEx
DeleteFiber
CreateProcessA
GetLargestConsoleWindowSize
GlobalFindAtomA
GetShortPathNameW
SetupComm
AreFileApisANSI
DeleteCriticalSection
EnumDateFormatsW
ExitThread
ReleaseMutex
GetVersionExA
VirtualAlloc
CreateWaitableTimerA
ExitProcess

user32

GetClipboardViewer
SwapMouseButton
GetMenuItemCount
RegisterWindowMessageA
GetWindowDC
SetMenuItemInfoA
IsCharUpperA
DestroyCursor
RegisterDeviceNotificationA
SetWindowLongW
GetSystemMetrics
EqualRect
SystemParametersInfoA
ChangeDisplaySettingsA
DefMDIChildProcW
CheckRadioButton
AdjustWindowRect

gdi32

PtVisible
TextOutA
EnumMetaFile
GetEnhMetaFileDescriptionA
GetCurrentPositionEx
GetPolyFillMode
GetTextFaceW
CreateBrushIndirect
SetViewportExtEx

advapi32

CopySid
RegSetValueExA
GetFileSecurityA
RegEnumKeyExA
CryptReleaseContext
IsTextUnicode
CryptDestroyHash
GetSecurityDescriptorDacl
GetPrivateObjectSecurity
GetCurrentHwProfileW
GetLengthSid
GetNamedSecurityInfoW
NotifyChangeEventLog
CreateProcessAsUserW
CloseEventLog
EnumDependentServicesA
RegReplaceKeyW
GetSecurityDescriptorControl
AddAccessAllowedAce
RegConnectRegistryA
GetSecurityDescriptorOwner
MakeAbsoluteSD
GetServiceDisplayNameA
CryptGetKeyParam
RegCreateKeyA
RegDeleteValueA
RegNotifyChangeKeyValue
SetSecurityDescriptorSacl
SetThreadToken
BuildSecurityDescriptorW
OpenServiceA
CryptVerifySignatureW
CryptExportKey
RegSetKeySecurity
CryptImportKey
AccessCheckAndAuditAlarmA
CryptEncrypt
ChangeServiceConfigW
GetServiceDisplayNameW
AddAce
GetTokenInformation

shell32

SHChangeNotify
SHGetSpecialFolderPathA
SHFileOperationA

ole32

OleLockRunning
OleCreateMenuDescriptor
CoResumeClassObjects
CoDisconnectObject
MkParseDisplayName
StgCreateStorageEx

oleaut32

SafeArrayPutElement
SysAllocStringLen
SafeArrayUnaccessData
SysFreeString

shlwapi

SHSetValueW
SHEnumValueW
PathIsRelativeA
PathRemoveFileSpecW
PathIsDirectoryEmptyW
PathStripToRootW
PathRemoveBackslashA
PathAppendW
PathRelativePathToW
PathAddBackslashW
PathRelativePathToA
PathAddBackslashA
PathStripToRootA
PathFindFileNameW
PathFileExistsA
UrlApplySchemeW
PathIsUNCW

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

43cf173a4ffcd40d1d289a09366ee81a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 232KB - Virtual size: 228KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 232KB - Virtual size: 228KB