6421fce94f6feb3c389c87f584d1a014_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6421fce94f6feb3c389c87f584d1a014_JaffaCakes118
Size

208KB
MD5

6421fce94f6feb3c389c87f584d1a014
SHA1

29d7d4e9dee6524d5d52ead3c6ccf92786b465f1
SHA256

b5e31cb6eec200963361bcfdd4ec370771f8fa71a2a13e421bf403ca098bf03a
SHA512

1be393ddb43fd82671f2c3e806a625661bd674cd5bd2f07be8ab7ac8777da2ae39310b3279741aa2150bc0af1b0e81ca48f5b83410083fd79edd12382300ca5b
SSDEEP

6144:aXubr90HGREclZrSEo+YK39OG3GTomVYC6H:aXe0HsZrSEGuoG28mCd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6421fce94f6feb3c389c87f584d1a014_JaffaCakes118

Files

6421fce94f6feb3c389c87f584d1a014_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd7e452ff3a1b2cbf17de5874700d79c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenWaitableTimerW
GetProcAddress
FileTimeToSystemTime
GetExitCodeProcess
lstrcmpi
GetCalendarInfoA
GetShortPathNameW
GetOEMCP
IsDebuggerPresent
IsBadReadPtr
GetVersionExW
EnumDateFormatsW
LoadLibraryA
CompareStringW
SetCalendarInfoA
CreateEventW
GlobalGetAtomNameA
SetEvent
GetSystemInfo
ConnectNamedPipe
RaiseException
GetAtomNameW
GetStartupInfoW
ExitThread
Sleep
GetNamedPipeInfo
GetStartupInfoA
GetDateFormatA
GetFullPathNameA
CreateDirectoryW
FlushFileBuffers
CopyFileExW
OpenMutexW
GetLocaleInfoA
lstrcmpiW
lstrcat
GetVersion
GetStringTypeW
IsBadWritePtr
GlobalFindAtomA
RemoveDirectoryW
BeginUpdateResourceA
SetCurrentDirectoryW
ReadDirectoryChangesW

user32

FillRect
SetForegroundWindow
DialogBoxParamA
CascadeWindows
ShowCursor
CreateDialogIndirectParamA
OpenClipboard
SetWindowLongA
MessageBoxW
UnregisterClassA
GetClientRect
wsprintfW
GetAsyncKeyState
RegisterWindowMessageA
GetDC
GetWindowTextLengthW
ChildWindowFromPoint
EnumChildWindows
SetCapture

gdi32

SetWinMetaFileBits
RemoveFontResourceExW
CreateCompatibleBitmap
GetBrushOrgEx
FillPath
CreateBrushIndirect
CreateDIBPatternBrushPt
Pie
EnumFontsW
EnumMetaFile
GetTextExtentPointW
GetTextExtentExPointW
CopyMetaFileW
GetEnhMetaFilePixelFormat
GetCharABCWidthsW
GetPaletteEntries
CreateDCW
PtVisible
GetNearestPaletteIndex
GetTextMetricsA

advapi32

RegReplaceKeyA
RegDeleteValueW
RegDeleteKeyW
RegQueryValueW
RegQueryInfoKeyA
RegQueryValueA
RegFlushKey
RegQueryInfoKeyW
RegCloseKey
RegSaveKeyW
RegDeleteKeyA
RegOpenKeyExA

shell32

SHGetDataFromIDListA
SHGetFileInfoA

shlwapi

StrCSpnA
StrCpyW
PathRemoveBlanksW
PathParseIconLocationA
StrIsIntlEqualW
PathGetCharTypeA
wvnsprintfA
PathIsDirectoryW
PathMakeSystemFolderA
SHRegGetUSValueA
PathRelativePathToA
PathIsDirectoryA
PathAddBackslashA
GetMenuPosFromID

setupapi

SetupRemoveFileLogEntryA
SetupGetTargetPathA
CM_Get_Parent_Ex
SetupDiDrawMiniIcon
SetupInstallServicesFromInfSectionW
SetupDiCreateDeviceInfoListExW
CM_Get_Sibling_Ex
CM_Free_Res_Des_Ex
SetupDiGetClassInstallParamsW

wsock32

getpeername
sethostname
GetServiceW
GetNameByTypeW
closesocket
WSACancelAsyncRequest
getservbyname
EnumProtocolsW
rcmd
getprotobyname
connect
GetAddressByNameA

Sections

.qK
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vWIzD
Size: 4KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MsGaJg
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.HuPkxo
Size: 3KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cX
Size: 4KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.K
Size: 1KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AjX
Size: 2KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.n
Size: 2KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd7e452ff3a1b2cbf17de5874700d79c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

setupapi

wsock32

Sections

.qK Size: 3KB - Virtual size: 3KB

.vWIzD Size: 4KB - Virtual size: 301KB

.MsGaJg Size: 10KB - Virtual size: 9KB

.HuPkxo Size: 3KB - Virtual size: 53KB

.cX Size: 4KB - Virtual size: 34KB

.K Size: 1KB - Virtual size: 203KB

.AjX Size: 2KB - Virtual size: 72KB

.data Size: 130KB - Virtual size: 375KB

.n Size: 2KB - Virtual size: 59KB

.rsrc Size: 45KB - Virtual size: 44KB

.reloc Size: 1024B - Virtual size: 716B

.qK
Size: 3KB - Virtual size: 3KB

.vWIzD
Size: 4KB - Virtual size: 301KB

.MsGaJg
Size: 10KB - Virtual size: 9KB

.HuPkxo
Size: 3KB - Virtual size: 53KB

.cX
Size: 4KB - Virtual size: 34KB

.K
Size: 1KB - Virtual size: 203KB

.AjX
Size: 2KB - Virtual size: 72KB

.data
Size: 130KB - Virtual size: 375KB

.n
Size: 2KB - Virtual size: 59KB

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 1024B - Virtual size: 716B