727f2662ed04da69b5bac7d98ddc1a91_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

727f2662ed04da69b5bac7d98ddc1a91_JaffaCakes118
Size

874KB
MD5

727f2662ed04da69b5bac7d98ddc1a91
SHA1

60216904b87b8288b2f828dd7d011e5ff05c61a8
SHA256

682bf56433befdb5f39774bab8de608d117466ad7d0e9fbc622f0acd1b09465e
SHA512

821492ca1e69af533f6800444b7cf2580ecd5575c9826b6220b8622c0ab8a77434ed4b96aefd189cf00b54fc7ace7e1dbf081b4f68fcc4e2787d45d09621fb84
SSDEEP

24576:Q4eoJqZbWt92wRXKfV/RunJpA0dDoQeIPWy0umG:Q4es3owJpldsI8umG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
727f2662ed04da69b5bac7d98ddc1a91_JaffaCakes118

Files

727f2662ed04da69b5bac7d98ddc1a91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb1bd4cccc5abe9566e71a5b5f48b8fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAdjustment
GetOEMCP
GetAtomNameA
GetVersion
SetProcessWorkingSetSize
IsValidLocale
GetCommConfig
FindResourceExA
EndUpdateResourceA
GetTimeZoneInformation
GenerateConsoleCtrlEvent
EnumResourceLanguagesW
CreateFileW
IsBadReadPtr
WriteFile
CreateMutexW
FormatMessageA
_llseek
GetFileInformationByHandle
FillConsoleOutputCharacterA
CreateProcessA
ReadDirectoryChangesW
ExitProcess
IsBadWritePtr
GlobalAddAtomA
lstrcmpiA
EnumSystemCodePagesW
SetConsoleTitleA
CreateDirectoryW
GetDiskFreeSpaceExA
RaiseException
EraseTape
LoadLibraryExA
GetFileAttributesA
SetLastError
VirtualLock
MoveFileW
EnumCalendarInfoW
IsProcessorFeaturePresent
SetHandleCount
UnhandledExceptionFilter
WritePrivateProfileSectionW
ReleaseMutex
WritePrivateProfileSectionA
EnumSystemCodePagesA
GetTickCount
GetNumberFormatW
FreeLibrary
WriteConsoleOutputCharacterA
WriteProcessMemory
GetLargestConsoleWindowSize
GetDriveTypeW
GetDiskFreeSpaceW
FindFirstFileExW
GetCommModemStatus
OpenFile
SetErrorMode
GetSystemTimeAsFileTime
GlobalFindAtomW
GetConsoleMode
SetVolumeLabelA
WritePrivateProfileStringW
SetConsoleOutputCP

user32

GetShellWindow
IsWindowEnabled
GetTabbedTextExtentW
ShowWindowAsync
CreateAcceleratorTableW

gdi32

EnumFontsW
WidenPath
PatBlt
GetWindowOrgEx
GetGlyphOutlineA
CreateDIBPatternBrushPt
GetEnhMetaFileBits
CopyEnhMetaFileA
GetObjectType

comdlg32

ChooseFontA
ChooseFontW
GetSaveFileNameA

advapi32

RegConnectRegistryW
SetServiceObjectSecurity
RevertToSelf
CryptSetHashParam
GetSecurityDescriptorLength
RegEnumValueA
RegisterEventSourceA
LookupAccountSidW
RegConnectRegistryA
CreateServiceA
AllocateLocallyUniqueId
RegCreateKeyExA
MakeSelfRelativeSD
LookupAccountSidA
RegSetKeySecurity
StartServiceCtrlDispatcherW
AccessCheck
RegisterServiceCtrlHandlerW
RegDeleteKeyW
GetPrivateObjectSecurity
ImpersonateNamedPipeClient
OpenEventLogW
SetKernelObjectSecurity
QueryServiceStatus
SetFileSecurityW
CryptVerifySignatureW
RegEnumKeyA
DeregisterEventSource
RegLoadKeyA
QueryServiceConfigA
DestroyPrivateObjectSecurity
SetTokenInformation
SetThreadToken
RegCreateKeyExW
LookupPrivilegeValueA
CryptGetProvParam

shell32

DragFinish
FindExecutableW
DragQueryPoint
SHFileOperationA
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation

ole32

OleIsRunning

oleaut32

SafeArrayCreate
VariantCopy
SafeArrayGetElement

comctl32

ImageList_Add
ImageList_SetBkColor

shlwapi

SHGetValueA
PathFindNextComponentW
AssocQueryStringW
SHQueryValueExW
PathFileExistsW
UrlGetPartW
StrFormatByteSizeW
SHStrDupW
StrCpyNW

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 605KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb1bd4cccc5abe9566e71a5b5f48b8fc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 605KB - Virtual size: 605KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 605KB - Virtual size: 605KB

.rsrc
Size: 17KB - Virtual size: 16KB