74f2095e70c81fb24b1e3e3e01754ec9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74f2095e70c81fb24b1e3e3e01754ec9_JaffaCakes118
Size

2.1MB
MD5

74f2095e70c81fb24b1e3e3e01754ec9
SHA1

0456a561942c2688b1bc5db738d06f38f0f350e7
SHA256

88a329b9a4da98db93ee34adb1de8359e12ca91fe5f542c6bcaa7fcf31219cfe
SHA512

3dee379a5c77543f86783f12d88c87e7599e6e502518eb125a104ea9d2328c514468b6a800af5144dcdcfac9b54e2a68a5365acb6bafe537a65f0debe1227e80
SSDEEP

49152:0XxnOEGL+SzJnYQbjy0hO6DybU6aoY3HMpdSxE:0hOZ+SzJYQPy0hO6OoZoMspdSK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74f2095e70c81fb24b1e3e3e01754ec9_JaffaCakes118

Files

74f2095e70c81fb24b1e3e3e01754ec9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
VirtualQueryEx
EnumResourceLanguagesW
UnhandledExceptionFilter
GlobalReAlloc
GetTapeStatus
GetVolumeInformationW
VirtualFree
GetThreadContext
ConnectNamedPipe
SetThreadLocale
TryEnterCriticalSection
SetSystemTime
CreateEventA
CreateDirectoryA
EndUpdateResourceA
EnumResourceNamesA
LocalLock
SwitchToFiber
UnmapViewOfFile
AreFileApisANSI
LocalReAlloc
PeekConsoleInputW
GetNumberFormatW
GetProcessTimes
OpenFile
GetDateFormatA
EnumDateFormatsW
FreeLibraryAndExitThread
EnumSystemCodePagesA
FindResourceExA
IsDBCSLeadByteEx
SetConsoleActiveScreenBuffer
SetCommMask
RaiseException
LoadLibraryExW
GetAtomNameA
GlobalFlags
GetCurrentDirectoryW
IsProcessorFeaturePresent
CreateDirectoryW
GetSystemDefaultLangID
GetTimeZoneInformation
GetBinaryTypeW
GetHandleInformation
VirtualProtect
GlobalUnlock
WritePrivateProfileSectionA
GlobalFindAtomA
FreeEnvironmentStringsA
LeaveCriticalSection
GetModuleHandleA
SetLastError
GetProcessHeap
ReleaseSemaphore
FillConsoleOutputCharacterA
FreeLibrary
SetTimeZoneInformation
GetTempFileNameA
SetNamedPipeHandleState
FindFirstFileExW
FlushConsoleInputBuffer
GetOverlappedResult
WriteConsoleOutputW
OpenSemaphoreW
lstrcatW
GetCommState
lstrcmpA
IsBadReadPtr
SuspendThread
GetCommandLineW
ExitProcess

user32

DispatchMessageW
CreateAcceleratorTableW
EnumDisplaySettingsExW
SendNotifyMessageA
DefFrameProcW
SetPropA
ToUnicode
GrayStringA
GetNextDlgTabItem
RedrawWindow
ChildWindowFromPoint
ChildWindowFromPointEx
CharToOemW
ChangeClipboardChain
GetWindow
GetMenuStringA
GetMenuInfo
GetUserObjectInformationW
GetShellWindow
ModifyMenuW
CreateDialogParamW
ShowWindow
NotifyWinEvent
BroadcastSystemMessageW
SetPropW

gdi32

CreateHatchBrush
GetMetaFileBitsEx
GetCharWidth32A
CreateDiscardableBitmap
GetTextCharacterExtra
EnumFontFamiliesExA
SetSystemPaletteUse
BitBlt
ExtCreatePen
GetBkColor
EnumFontFamiliesExW
GetBkMode
PolyPolyline
GetCurrentPositionEx
StartPage
DescribePixelFormat

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyW
GetAclInformation
InitializeSid
RegRestoreKeyW
CreateServiceW
CryptVerifySignatureA
MakeSelfRelativeSD
FreeSid
RegisterServiceCtrlHandlerA
CryptAcquireContextW

shell32

ShellExecuteA

ole32

CoLockObjectExternal
OleLockRunning
OleCreateFromData
ReadClassStg
ProgIDFromCLSID
RevokeDragDrop
ReadFmtUserTypeStg
CoMarshalInterface

oleaut32

SafeArrayPutElement
LoadTypeLi
VariantCopy
SafeArrayCreate

comctl32

ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_GetImageCount

shlwapi

PathIsSameRootW
PathGetDriveNumberA
StrCmpNA
PathUndecorateW
StrCatW
HashData
PathStripPathA
SHSetThreadRef
StrRStrIW
PathRemoveBlanksA
StrFormatByteSize64A
PathParseIconLocationW
PathUnquoteSpacesA
UrlApplySchemeW
PathIsPrefixW
SHRegWriteUSValueW
StrRetToStrW
UrlCombineW

Sections

.text
Size: 6KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 6KB - Virtual size: 222KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 222KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB