4a15fa57355f6cbaabd98a1aeb481c37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a15fa57355f6cbaabd98a1aeb481c37_JaffaCakes118
Size

252KB
MD5

4a15fa57355f6cbaabd98a1aeb481c37
SHA1

713ab4927368791d1cfd363f5e44f57c03a86f42
SHA256

8b5ca94d3e4ff97decf4c1ad81c085b23837ebd314ef574b6bc3773af3386380
SHA512

2c301b35f18f3b1a5bce6fb6a35a75d476c6c4aa321f833e2f0718b151654ddb2c671bd425252872b6cf77e1d96985171bccd7f3568d81de287886af9a8345b9
SSDEEP

6144:SqcuL6a0w9XyfhOU/qHvUN9k67ppVUqinCBJYeFAOrn0LN:cuL9lqYU8vg9VL0CBSebn0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a15fa57355f6cbaabd98a1aeb481c37_JaffaCakes118

Files

4a15fa57355f6cbaabd98a1aeb481c37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e709e47ea6616f0ff29b578e70ba627d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadContext
VirtualQueryEx
CreateIoCompletionPort
GlobalFindAtomA
GetStringTypeExW
LoadResource
LCMapStringA
SetConsoleMode
EnumResourceLanguagesW
lstrcmpA
EnumResourceNamesW
GetDiskFreeSpaceW
FillConsoleOutputCharacterA
GetConsoleMode
GlobalGetAtomNameW
GetThreadPriority
GetComputerNameW
ReleaseSemaphore
ReadDirectoryChangesW
LeaveCriticalSection
LocalSize
CreateEventA
WriteProcessMemory
GetEnvironmentVariableW
VirtualFree
GetWindowsDirectoryA
GetCompressedFileSizeW
LoadLibraryExW
GetModuleHandleA
TlsGetValue
GetCurrentProcess
EnumResourceNamesA
OpenSemaphoreW
TryEnterCriticalSection
GetSystemTime
QueryDosDeviceA
LocalAlloc
EnumSystemCodePagesA
GlobalDeleteAtom
GetUserDefaultLCID
FindFirstFileExW
EnumDateFormatsW
_hread
GlobalAddAtomA
LoadLibraryExA
VirtualAlloc
GetDateFormatA
SetTimeZoneInformation
GetModuleFileNameW
PeekNamedPipe
GetDriveTypeW
ConnectNamedPipe
SearchPathW
GetFileAttributesA
SetEndOfFile
PulseEvent
ReadConsoleOutputA
SetStdHandle
IsDBCSLeadByteEx
GetSystemInfo
CreateDirectoryA
CreateMutexW
CompareStringW
GetLongPathNameA
GetLogicalDriveStringsA
CopyFileExW
_lclose
DeleteCriticalSection
OutputDebugStringA
GetUserDefaultLangID
VirtualUnlock
PeekConsoleInputW
GetCommandLineA
GetVersionExA
lstrlenA
SetThreadPriorityBoost
ExitProcess

user32

FindWindowExA
GetProcessDefaultLayout
LoadStringA
GetScrollBarInfo
GetIconInfo
IsWindowEnabled
FindWindowW
SetMessageQueue
PostThreadMessageW
DispatchMessageW
IsCharAlphaW
LoadMenuIndirectA
WaitForInputIdle
LoadCursorA
CharNextExA
EnumWindowStationsA
DefFrameProcA
SwitchDesktop
GetWindowTextA
GetClientRect
CreateCaret
UnhookWinEvent
GetKeyboardLayoutList
RegisterWindowMessageA
CheckMenuRadioItem
GetTabbedTextExtentA
GetCursorPos
FillRect
SetWindowTextA
EnumDesktopWindows

gdi32

ExtCreateRegion
SetDIBColorTable
ExcludeClipRect
GetTextAlign
EndPage
SetDIBitsToDevice
SetPixelV
DeleteEnhMetaFile
Pie
DeleteMetaFile
GetWindowOrgEx

comdlg32

ChooseFontA
ChooseColorA
GetOpenFileNameA
GetFileTitleA

advapi32

ReportEventA
CryptExportKey
AbortSystemShutdownA
SetSecurityDescriptorSacl
RegSetValueExA
CryptSetProvParam
GetSidLengthRequired
QueryServiceObjectSecurity
StartServiceCtrlDispatcherW
OpenServiceW
MakeAbsoluteSD
SetTokenInformation
MapGenericMask
SetFileSecurityW
RegQueryValueExW
ImpersonateSelf
GetServiceDisplayNameW
SetSecurityDescriptorOwner
RegNotifyChangeKeyValue
SetSecurityDescriptorGroup
RegOpenKeyA
CryptGetHashParam
DeleteAce

shell32

DragQueryPoint
SHGetSpecialFolderPathA
SHBrowseForFolderA
DragAcceptFiles
SHAddToRecentDocs

ole32

IIDFromString
CoDisconnectObject
CoGetInterfaceAndReleaseStream
OleCreate
GetRunningObjectTable

oleaut32

SysAllocStringLen
VariantChangeType
QueryPathOfRegTypeLi
SafeArrayPutElement

comctl32

ImageList_DrawEx
ImageList_DragShowNolock

shlwapi

PathIsDirectoryA
StrRetToStrW
SHCopyKeyA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e709e47ea6616f0ff29b578e70ba627d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 232KB - Virtual size: 229KB