4b21478126af01bc11077eeb5e24a7d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b21478126af01bc11077eeb5e24a7d3_JaffaCakes118
Size

356KB
MD5

4b21478126af01bc11077eeb5e24a7d3
SHA1

0998608e2f54df50fbf6bf55f356bc25ccecd3ad
SHA256

f77c38652713123f7067988ce90827d665f6431771a40f9505337bfad31caace
SHA512

c913acddfdcb57df5e4544347e8d2868b43216514503885f2cb2112931602823580bcaa0e77ab820ed29051693a964e9907bb7b97505fe4059338976902685cb
SSDEEP

6144:AQhaffoq8eOMBHts3qnztsOeLammttyeGdJyzw1dyVg8mEEh/70W+agO9Ki:efAq8xMBNOAh7Gam+thGWgyrm7/70W+u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b21478126af01bc11077eeb5e24a7d3_JaffaCakes118

Files

4b21478126af01bc11077eeb5e24a7d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d766cf5bffbdc32d83575900cfb7dedc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
CreateDirectoryExA
SetEndOfFile
ReleaseSemaphore
GetOEMCP
GetCurrentProcess
ReadConsoleA
LocalLock
GetACP
QueryDosDeviceA
GlobalAddAtomW
FindCloseChangeNotification
OutputDebugStringA
GetConsoleCursorInfo
FindResourceExA
SetConsoleWindowInfo
GetLogicalDriveStringsA
GetTempFileNameA
GetTickCount
IsProcessorFeaturePresent
EnumSystemCodePagesA
lstrcmpiW
ExitProcess
lstrcatW
GetBinaryTypeW
GetLongPathNameA
LCMapStringA
GetModuleHandleA
CompareStringA
GetProcessHeap
lstrcpyA
SetEvent
SetConsoleTitleA
ClearCommBreak
EnumResourceNamesA
SetEnvironmentVariableA
DebugBreak
SetThreadLocale
GetFullPathNameA
IsValidLocale
SetCurrentDirectoryA
GetConsoleMode
GetProcessTimes
GlobalFindAtomA
FormatMessageA
GetWindowsDirectoryA
VirtualUnlock
WriteFile
EnumCalendarInfoA
FlushFileBuffers
GetDateFormatA
EnumDateFormatsW
WritePrivateProfileStringA
PrepareTape
CreateMutexW
VirtualProtect
GetVersionExA
UnhandledExceptionFilter
GetEnvironmentVariableW
WritePrivateProfileSectionA
FileTimeToLocalFileTime
CreateDirectoryA
RemoveDirectoryA
lstrcmpiA
FreeLibraryAndExitThread
LoadResource
LoadLibraryExA
GetSystemTime
VirtualLock
GetThreadContext
FindFirstFileA
UnmapViewOfFile
CreateIoCompletionPort
GetProfileStringA
GetCommandLineA
GlobalFlags
lstrlenA

user32

CharLowerBuffA
AdjustWindowRectEx
GetKeyNameTextW
InternalGetWindowText
GetKeyNameTextA
DrawTextW
GetLastActivePopup
SetScrollInfo
CreatePopupMenu
SetMenuItemInfoW
GetCaretBlinkTime
IsClipboardFormatAvailable
LoadCursorFromFileW
SetCapture
SetMessageQueue
DialogBoxIndirectParamW
MessageBeep
RemoveMenu
FillRect
UnhookWinEvent
GetDialogBaseUnits
OpenDesktopA
GetMenuItemID
LoadImageW
DrawIcon
TrackMouseEvent
EndDialog
CharNextExA
CharLowerBuffW
VkKeyScanA
LoadAcceleratorsA
DrawMenuBar
InsertMenuItemA
UnhookWindowsHookEx
IsCharLowerA
LoadMenuIndirectA
SetCursor
ReplyMessage
DrawAnimatedRects
UnhookWindowsHook
GetNextDlgTabItem
SetRectEmpty
CharPrevW
ReleaseDC
FlashWindowEx
LoadStringW
SetWindowsHookExW
GetCaretPos
GetDesktopWindow
DrawCaption
GetClipboardViewer
GetTitleBarInfo
CharLowerW
SetMenuItemInfoA
GetClassNameA
CloseWindowStation
PostThreadMessageW
PostQuitMessage

gdi32

FrameRgn
AddFontResourceW
GdiFlush
GetPixel
CreateDCA
CopyEnhMetaFileW
CopyMetaFileW
LPtoDP
EndPage
GetROP2
PlayEnhMetaFileRecord
GetCharWidth32A
GetLayout

comdlg32

PageSetupDlgA
GetSaveFileNameA

advapi32

GetExplicitEntriesFromAclW
OpenThreadToken
CreatePrivateObjectSecurity
GetUserNameW
RegRestoreKeyA

shell32

DragFinish
SHBrowseForFolderA
DragAcceptFiles
DragQueryPoint
FindExecutableA

ole32

RevokeDragDrop
CoGetTreatAsClass
CoUninitialize
CoGetObject

oleaut32

SafeArrayUnaccessData
VariantChangeType
SafeArrayPutElement
VariantCopy
SafeArrayCreate
SysFreeString
SafeArrayGetElement
SetErrorInfo
SysAllocStringLen

shlwapi

SHCopyKeyW
PathIsPrefixW
PathAddBackslashW
PathFindNextComponentW
PathFindFileNameW
AssocCreate
StrFormatByteSizeW
wvnsprintfW
StrFormatByteSizeA
PathStripPathA
PathIsUNCServerW
PathParseIconLocationW
PathRemoveFileSpecA

setupapi

SetupDiSetDeviceInstallParamsW
SetupGetLineTextW
SetupOpenAppendInfFileA
SetupOpenFileQueue
SetupGetLineTextA

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d766cf5bffbdc32d83575900cfb7dedc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 312KB - Virtual size: 311KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 32KB - Virtual size: 30KB

.text
Size: 312KB - Virtual size: 311KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 32KB - Virtual size: 30KB