4d066d3c6ee2c887364e6cc6c3c6176d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d066d3c6ee2c887364e6cc6c3c6176d_JaffaCakes118
Size

669KB
MD5

4d066d3c6ee2c887364e6cc6c3c6176d
SHA1

77d8abe642ea001d560988a91f33817992210899
SHA256

7066306c18f03729b070531456dc1f1d236f8c9ce1813cfdd429d66e48c99b75
SHA512

d453006efd1eb18dbb4c680a7f1531b964dbbdd32ad6ab173e11c6775ee2302da04f9cda403de81fc0838d10003b8fc65b2e3e23558d6877d444fcfe2fbec9c7
SSDEEP

12288:Mk7Kud91A5XOZ36B3uu9CR3dL7n8vyFtfnkoj8t8y/Eico1ju6PZne:Mk+u5AhC6BerL7nd/fko8AoEwe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d066d3c6ee2c887364e6cc6c3c6176d_JaffaCakes118

Files

4d066d3c6ee2c887364e6cc6c3c6176d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dab563b5e4abb1cf2d294ea66836a167

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetHandleInformation
ExitProcess
CreateMutexW
InitializeCriticalSection
WritePrivateProfileSectionW
FillConsoleOutputCharacterA
GetCurrentDirectoryW
LocalSize
GlobalDeleteAtom
IsValidLocale
OpenFile
GlobalUnlock
EnumResourceNamesW
FileTimeToLocalFileTime
GetCurrentProcessId
SetConsoleActiveScreenBuffer
GetCurrentProcess
GlobalReAlloc
SetEndOfFile
SetVolumeLabelA
LCMapStringA
WriteFile
RemoveDirectoryA
VirtualQueryEx
ScrollConsoleScreenBufferA
OutputDebugStringW
SystemTimeToFileTime
GetFileAttributesExA

user32

GetSysColor
CreateIconIndirect
SetMenuItemInfoA
EndMenu
DialogBoxIndirectParamW
DialogBoxParamA
SetClassLongA
BeginPaint
GetClassLongA
CloseWindowStation
ChildWindowFromPointEx
FindWindowExW
EnumDisplayMonitors
PeekMessageW
SetScrollPos
ReplyMessage
OpenClipboard
GetClassInfoW
ScrollWindow
CloseWindow
CharUpperBuffW
SetProcessWindowStation
CopyIcon
SetActiveWindow
CallWindowProcW
InvalidateRect
GetDlgItemInt
CharNextW
SetClassLongW
GetMenuInfo
SetForegroundWindow
GetMenuDefaultItem
CheckDlgButton
DrawEdge
OpenWindowStationA
RegisterClassExW
WaitMessage
GetClassLongW
CopyAcceleratorTableA

gdi32

GetTextMetricsA
CreateBitmapIndirect
GetBitmapBits
CreateEllipticRgn
CreateFontIndirectW
PolylineTo
ExtCreatePen
CreateHatchBrush
SetPolyFillMode
GetNearestColor

advapi32

GetSecurityDescriptorSacl
ImpersonateNamedPipeClient
RegOpenKeyExW
GetServiceDisplayNameW
CreateProcessAsUserA
GetExplicitEntriesFromAclW
SetKernelObjectSecurity
CryptExportKey
GetSecurityDescriptorLength
LookupAccountSidW
CryptSetHashParam
CryptSetProvParam
EnumServicesStatusW
GetServiceDisplayNameA
SetEntriesInAclW
SetNamedSecurityInfoW
GetLengthSid
GetSecurityDescriptorDacl
EqualSid
RegDeleteKeyA
QueryServiceConfigW
CryptGenKey
SetSecurityInfo
RegUnLoadKeyW
NotifyChangeEventLog
ObjectDeleteAuditAlarmW
SetSecurityDescriptorDacl
RegEnumValueW
GetServiceKeyNameW
RegEnumValueA
GetTokenInformation
RegLoadKeyA

shell32

SHChangeNotify
ShellExecuteA
Shell_NotifyIconW
ExtractIconA
SHGetSpecialFolderPathA
SHFileOperationW
SHAddToRecentDocs

ole32

CoReleaseMarshalData
OleFlushClipboard
CreateOleAdviseHolder
CoGetInterfaceAndReleaseStream

oleaut32

VariantChangeType
SysFreeString
LoadTypeLibEx
SafeArrayGetElement
SafeArrayPutElement
LoadTypeLi
SysStringLen
VariantCopy
SysAllocStringLen
SafeArrayCreate
QueryPathOfRegTypeLi
SafeArrayRedim

comctl32

ImageList_Create
CreatePropertySheetPageA

msvcrt

fopen
fclose
clearerr
_stat
wcslen
_ltow
isalpha
_getdrive
_ultoa
_mbsrchr
_errno
setbuf
strncat
isdigit
_wtoi64
_strcmpi
wcscoll
_mbsnbcnt
system
setlocale
_wmakepath
_wchdir
_getcwd
wcscmp
islower
ceil
__p___argc
_putenv
malloc
_wfreopen
_execlp
rename
_get_osfhandle
isspace
_read
fprintf
memchr
_ultow
_strtime
_wfopen
putchar
_chmod
_lseek
ferror
floor
time
_open
_getpid
fputws
getc

Sections

.text
Size: 5KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dab563b5e4abb1cf2d294ea66836a167

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

msvcrt

Sections

.text Size: 5KB - Virtual size: 222KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 291KB - Virtual size: 290KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 5KB - Virtual size: 222KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 291KB - Virtual size: 290KB

.rsrc
Size: 16KB - Virtual size: 16KB