4a14f1907fc62772c6e7ccea2115124c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4a14f1907fc62772c6e7ccea2115124c_JaffaCakes118
Size

213KB
MD5

4a14f1907fc62772c6e7ccea2115124c
SHA1

892b7d863e925b5f053de3cc528688fe8b92f798
SHA256

a5061c11a20bbfec04c2c9c022cf3d7a28b27374181b521daea99803e66e65bf
SHA512

3cb2ac2846b51ec8cea004e52972d76690806eafeb59645c0a9758b04d81ef3525bf0406c803aa4bdb3e5691859a8087d2a9b88a5eb8fda13f7cff65fae1aeb8
SSDEEP

6144:Kp/qb42qDTySXq4xjg0n8VxfJGL0rKULYnsXzh5:Kb/ZHHn8VxR/5Ssjh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a14f1907fc62772c6e7ccea2115124c_JaffaCakes118

Files

4a14f1907fc62772c6e7ccea2115124c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5cf5528ee29a0f768a22f1f625727c91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationW
SHGetSpecialFolderPathW
SHLoadInProc
DragFinish
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA

ole32

OleIsRunning
CoDisconnectObject
CoTaskMemRealloc
CoMarshalInterface
OleBuildVersion
CreateStreamOnHGlobal
CoFileTimeNow
StgCreateStorageEx
CoGetObject

ws2_32

WSAAsyncGetProtoByNumber
WSASendDisconnect
select
shutdown
WSALookupServiceNextW
getservbyname
WSAAccept
WSAEnumProtocolsW
WSALookupServiceBeginA
WSAAddressToStringW
WSARecvFrom
recv
WSAStringToAddressA

version

VerQueryValueA
GetFileVersionInfoA
VerInstallFileA

kernel32

Beep
CancelIo
_llseek
SetConsoleCursorPosition
GetCommModemStatus
SetVolumeLabelA
_hread
WritePrivateProfileSectionA
FlushFileBuffers
lstrcatW
IsBadStringPtrA
lstrcpynA
FormatMessageA
RemoveDirectoryA
WriteConsoleOutputW
MoveFileW
CopyFileExW
GetProfileIntA
EnumResourceNamesA
GetConsoleCursorInfo
GetOEMCP
GetThreadContext
FileTimeToLocalFileTime
GetPrivateProfileSectionW
GetAtomNameA
FatalAppExitA
FreeResource
GenerateConsoleCtrlEvent
SizeofResource
InitializeCriticalSection
GetProcessHeap
SetThreadPriorityBoost
_lopen
WriteConsoleOutputCharacterA
GetStringTypeExW
ReadDirectoryChangesW
EraseTape
GetModuleHandleA
SetConsoleTitleA
EnumResourceLanguagesW
GetStartupInfoA
GetSystemTimeAsFileTime
FindNextChangeNotification
WaitNamedPipeA
SetCommMask
FormatMessageW
ReleaseMutex
GetComputerNameW
LoadResource
LoadLibraryExW
GlobalReAlloc
FindResourceExW
CreateMutexW
GetEnvironmentVariableW
GetSystemInfo
WritePrivateProfileSectionW
SetFileAttributesA
GetProcessTimes
GetFullPathNameA
VirtualAllocEx
SetupComm
ReadConsoleInputW
EnumTimeFormatsW
QueryDosDeviceW
ExitThread
SetCurrentDirectoryA
GetDriveTypeW
GlobalAddAtomA
GetSystemDefaultLangID
FindResourceExA
IsValidLocale
SetConsoleMode
GetCurrentDirectoryW
GetEnvironmentStringsW
RemoveDirectoryW
FreeLibrary
GetACP
FlushConsoleInputBuffer
DuplicateHandle
EnumDateFormatsW
GlobalUnlock
VirtualUnlock
IsBadWritePtr
TryEnterCriticalSection
GetVersion
AreFileApisANSI
LCMapStringA
FindFirstFileW
GetUserDefaultLCID
CreateProcessA
ReadConsoleOutputA
VirtualLock
EnumResourceNamesW
SetFileTime
VirtualQuery
DosDateTimeToFileTime
GetDateFormatA
WritePrivateProfileStringA
CreateNamedPipeW
SetCommTimeouts
EnumSystemCodePagesW
SetProcessAffinityMask
CreateWaitableTimerA
GetTempPathW
SetProcessWorkingSetSize
SwitchToFiber
CompareStringW
GlobalFree
CreateIoCompletionPort
GetCommandLineA
VirtualAlloc
ExitProcess
SetEnvironmentVariableA

oleaut32

SafeArrayPutElement
SafeArrayGetLBound
SetErrorInfo

user32

DrawTextExA
RegisterClipboardFormatA
SendMessageCallbackW
GetClipboardSequenceNumber
EndPaint
DispatchMessageW
FindWindowW
RegisterClassExW
DialogBoxParamW
CharLowerBuffW
ChildWindowFromPoint
LoadMenuA
GetWindowPlacement
ValidateRect
SendInput
MonitorFromWindow
wsprintfW
MessageBoxExA
IntersectRect
SetWindowTextA
GetCursorPos
CreateWindowExA
GetWindowRect
EnumDisplayDevicesW
GetWindowContextHelpId
LoadMenuIndirectA
GetThreadDesktop
EqualRect
IsZoomed
RegisterWindowMessageA
EnumDesktopsA
SetKeyboardState
ScrollWindow
CharPrevA
GetLastActivePopup
GetNextDlgGroupItem
WinHelpA
DispatchMessageA
RegisterClipboardFormatW
NotifyWinEvent
MsgWaitForMultipleObjects
CreateWindowExW
GetClipboardFormatNameW
ChangeDisplaySettingsA
WaitMessage
InternalGetWindowText
SendMessageTimeoutW
GetDCEx
GetKeyboardLayoutNameW
ShowOwnedPopups
DrawEdge
UnhookWindowsHook
GetClassNameW
ExcludeUpdateRgn
IsRectEmpty

comctl32

ImageList_GetIcon
ImageList_Destroy
PropertySheetW

gdi32

Polygon
OffsetWindowOrgEx
RemoveFontResourceW
Pie
GetPolyFillMode
GetEnhMetaFileHeader
SelectClipRgn
GetViewportOrgEx
GetObjectW
GetTextMetricsW
SetViewportOrgEx
OffsetRgn
GetMetaFileBitsEx
GetPixelFormat
OffsetViewportOrgEx
ExtCreatePen
SetTextColor
SetAbortProc
PtVisible
PatBlt
EnumFontFamiliesW

advapi32

CryptVerifySignatureA
OpenServiceW
InitiateSystemShutdownA
EnumDependentServicesW
IsValidSecurityDescriptor
RegSetValueExW
RegisterServiceCtrlHandlerA
GetSidSubAuthorityCount
GetFileSecurityA
OpenEventLogW
DeleteAce
RegEnumKeyW
RegQueryValueExA
LookupAccountSidA
LookupPrivilegeValueA
CreatePrivateObjectSecurity
SetServiceStatus
AddAccessAllowedAce
CryptGetProvParam
AbortSystemShutdownW
CryptSetKeyParam
CryptDestroyKey
RegLoadKeyW
CryptDestroyHash
AccessCheckAndAuditAlarmA
CryptExportKey
CryptDeriveKey
QueryServiceConfigW
RegReplaceKeyW
AddAccessDeniedAce
CryptGetUserKey

msvcrt

fgetc
_pclose
time
_mbsnbcpy
_wchdir
rewind
clearerr
_endthread
_mbsnbcnt
wcscat
_setmbcp
_vsnprintf
strtod
swscanf
isalnum
_wchmod
localeconv
strpbrk
abort
wcstol
_mbscpy
_mbsdec
_spawnvp
_itoa
_wcsrev
_mkdir
ftell
wcsncat
_close
memmove
wcstok
_wcslwr
localtime
difftime
towlower
_filelength
_fstat
_wsystem
fseek
_access
_exit
_wpopen
_strnicoll
_fdopen
vprintf
calloc
_wspawnvp
fputs
_ismbcdigit
_lseek

Sections

.text
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cf5528ee29a0f768a22f1f625727c91

Headers

File Characteristics

Imports

shell32

ole32

ws2_32

version

kernel32

oleaut32

user32

comctl32

gdi32

advapi32

msvcrt

Sections

.text Size: 203KB - Virtual size: 203KB

.rdata Size: 8KB - Virtual size: 8KB

.text
Size: 203KB - Virtual size: 203KB

.rdata
Size: 8KB - Virtual size: 8KB