680e7e44b4217bf0fb5d378c1cc91591_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

680e7e44b4217bf0fb5d378c1cc91591_JaffaCakes118
Size

284KB
MD5

680e7e44b4217bf0fb5d378c1cc91591
SHA1

49d17189ad0a69906dc6216782b57212eab80f25
SHA256

382efec504c629f5f3e2403b7d0f67187bdec99dbe2f1fa9aa0260ef16b77373
SHA512

d4e2b84c4c787a5477ae2f543aa33b58e7d9e676c428c79e4b560c45008393c939e7d75cfcf68091d24c28c0aa96df4cf1f4144af18065c3cc94b0a55c8ce131
SSDEEP

6144:NWG83KF09eUsCU7OfaFtTkhdG1kveqmzX/XSpS6wEonzX0:NN09emTae0fqmbegX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
680e7e44b4217bf0fb5d378c1cc91591_JaffaCakes118

Files

680e7e44b4217bf0fb5d378c1cc91591_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b5f7ceb55175640bc02d6fc02ab31b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetFileInformationByHandle
FreeLibraryAndExitThread
GetSystemTimeAsFileTime
GetShortPathNameA
LocalAlloc
VirtualQuery
GetCommModemStatus
LeaveCriticalSection
FillConsoleOutputCharacterA
CreateMutexA
SetFileAttributesA
EnumCalendarInfoA
ConnectNamedPipe
GetCommandLineW
ReadConsoleInputW
CreateNamedPipeW
SetThreadAffinityMask
VirtualUnlock
GetVersion
PrepareTape
GetThreadContext
GetEnvironmentStringsW
OpenFile
SetProcessShutdownParameters
GetCompressedFileSizeW
GetUserDefaultLCID
GetSystemDirectoryW
FreeResource
SuspendThread
_lclose
WritePrivateProfileSectionA
MoveFileW
GetBinaryTypeW
LocalLock
SetMailslotInfo
GetFileAttributesA
SearchPathW
lstrcmpiW
GetWindowsDirectoryA
IsBadStringPtrA
ExpandEnvironmentStringsW
GetTempPathW
SetLastError
SwitchToFiber
FlushFileBuffers
GetNumberFormatW
_lread
SetHandleCount
OutputDebugStringW
GetCPInfo
GetConsoleMode
SetThreadPriorityBoost
ReleaseMutex
EnumResourceNamesA
ScrollConsoleScreenBufferA
GetCurrentProcessId
GetDriveTypeW
GetTempFileNameA
CancelIo
WritePrivateProfileStructA
SetProcessAffinityMask
IsValidLocale
ReadConsoleA
GetDiskFreeSpaceExA
SetSystemTime
CreatePipe
GetProfileIntA
SetEvent
GetCommandLineA
VirtualAlloc
EnumCalendarInfoW
ExitProcess

user32

CreateMenu
ExcludeUpdateRgn
LoadCursorA
GetKeyboardState
CloseWindow
FindWindowExW
CopyImage
GetTopWindow
GetLastActivePopup
DialogBoxIndirectParamA
GetKeyboardType
CreateWindowStationW
AdjustWindowRectEx
ChildWindowFromPointEx
FindWindowA
MonitorFromPoint
GetMonitorInfoW
CharToOemBuffA
DrawAnimatedRects
RegisterDeviceNotificationA
ChildWindowFromPoint
SetProcessWindowStation
UnregisterDeviceNotification
GetDlgItem
InsertMenuA
GetWindow
DrawTextExW
DefMDIChildProcA
GetMenuItemRect
FillRect
GetClassLongW
CreateDesktopW
RegisterWindowMessageA
EnumDisplaySettingsA
GetWindowTextA
GetPropA
RegisterClassExA
SendDlgItemMessageA
ShowCaret
GetClipboardFormatNameA
PostThreadMessageW
DestroyIcon
ToUnicodeEx
GetTitleBarInfo
SetPropA
OemKeyScan
CharLowerW
SwitchDesktop

gdi32

GetTextColor
RealizePalette
DeleteDC
SetTextColor
GetPixelFormat
RemoveFontResourceA
SetGraphicsMode
DPtoLP
ExtTextOutA
CopyMetaFileA
EnumFontsW

comdlg32

PrintDlgW
ReplaceTextW

advapi32

CryptDeriveKey
RegSaveKeyA
GetSidLengthRequired
OpenEventLogW
PrivilegeCheck
CryptSetHashParam
CryptGetUserKey
RegRestoreKeyA
AddAce
RegSetValueExA
CryptVerifySignatureW
GetNamedSecurityInfoW
InitiateSystemShutdownW
ChangeServiceConfigW
GetAce
RegSetValueA
SetSecurityDescriptorSacl
RegCreateKeyExW
LookupAccountSidA
ClearEventLogW
DestroyPrivateObjectSecurity
CryptImportKey
GetSecurityDescriptorOwner
ChangeServiceConfigA
RegUnLoadKeyA
ObjectCloseAuditAlarmA
RegLoadKeyA
CreateServiceW
StartServiceCtrlDispatcherW
EnumServicesStatusW
CryptHashData
RegNotifyChangeKeyValue
OpenSCManagerA
RegLoadKeyW
SetSecurityInfo
RegQueryInfoKeyW
LockServiceDatabase
RegSetValueW

ole32

OleRegGetUserType
ReadFmtUserTypeStg
CoGetClassObject
CoLockObjectExternal
CoFileTimeNow

oleaut32

SafeArrayRedim
QueryPathOfRegTypeLi

shlwapi

PathRemoveFileSpecW
UrlCombineW
StrCmpNW
StrRChrA
SHCopyKeyW

Sections

qmkys
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ouyuwo
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

qiqaqg
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aoooy
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b5f7ceb55175640bc02d6fc02ab31b3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

shlwapi

Sections

qmkys Size: 3KB - Virtual size: 3KB

ouyuwo Size: 5KB - Virtual size: 5KB

qiqaqg Size: 266KB - Virtual size: 265KB

aoooy Size: 8KB - Virtual size: 8KB

qmkys
Size: 3KB - Virtual size: 3KB

ouyuwo
Size: 5KB - Virtual size: 5KB

qiqaqg
Size: 266KB - Virtual size: 265KB

aoooy
Size: 8KB - Virtual size: 8KB