846cf5200a95d095f01ec19b2a5072dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

846cf5200a95d095f01ec19b2a5072dd_JaffaCakes118
Size

300KB
MD5

846cf5200a95d095f01ec19b2a5072dd
SHA1

42771ef2b5dac37ac55e493c4f4949336ba9acdb
SHA256

2649a118dac3d337031f69e9fec0f67f855d6f2f8c042f6f9d39aa85d1bf66c3
SHA512

1b9ef5b50b14b0fb21a58b94fc84b71e377a6b2d3e66507e29fdf6f31ee67053e68062886a13a791af2072f2f3edeff24f370a492408f8005a753b3c699f2805
SSDEEP

6144:ZNGEyIHKT71y/ao8VXvPGMJXdHAOBFfLp1G8HP1uWKkN4j6v3R4:ZN5c1yCo8Rm6qwtLp7d2k6Q3a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
846cf5200a95d095f01ec19b2a5072dd_JaffaCakes118

Files

846cf5200a95d095f01ec19b2a5072dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c30e629f947929e57353440712d84d80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW
LocalSize
GetProfileIntA
VirtualFree
GetLogicalDriveStringsA
TryEnterCriticalSection
FindNextChangeNotification
CreateNamedPipeW
DosDateTimeToFileTime
DeleteFiber
FileTimeToLocalFileTime
SetProcessWorkingSetSize
GetSystemDirectoryW
SetConsoleActiveScreenBuffer
SetCommMask
_lclose
LocalLock
ScrollConsoleScreenBufferA
CreateDirectoryW
CreateDirectoryExA
lstrcmpiW
IsProcessorFeaturePresent
WritePrivateProfileSectionA
IsBadReadPtr
SetCurrentDirectoryA
GetPrivateProfileSectionW
GetSystemTimeAdjustment
GetLargestConsoleWindowSize
GetDiskFreeSpaceExA
GetOverlappedResult
_hread
SetThreadAffinityMask
RemoveDirectoryA
VirtualQuery
FlushFileBuffers
GlobalAddAtomA
GetLongPathNameA
CreateMutexW
GetCurrentProcess
ReadDirectoryChangesW
FreeLibrary
FindCloseChangeNotification
VirtualUnlock
SwitchToFiber
WaitNamedPipeA
GetVolumeInformationW
GetCPInfo
GetSystemTime
GetFileType
GlobalFree
GetConsoleMode
FormatMessageA
GetUserDefaultLangID
GetEnvironmentStringsW
OpenFile
InitializeCriticalSection
FatalAppExitA
lstrcpynA
SetConsoleWindowInfo
GetVersion
WritePrivateProfileStructA
LeaveCriticalSection
WriteConsoleOutputW
EnumSystemCodePagesA
EnumCalendarInfoW
GetDiskFreeSpaceW
FindFirstFileW
FindResourceExA
FindFirstFileExW
IsValidLocale
UnmapViewOfFile
GetCommandLineW
SetConsoleTitleA
GetTapeParameters
GetCommConfig
DuplicateHandle
GetShortPathNameA
EnumResourceNamesW
GetProcessHeap
SetHandleCount
GetFullPathNameA
GetPrivateProfileStringW
CreateMutexA
GetCommandLineA
VirtualAlloc
GetEnvironmentVariableW
ExitProcess

user32

DialogBoxParamA
DefWindowProcW
IsCharUpperA
CharPrevA
GetWindowThreadProcessId
CharLowerA
InsertMenuA
EndMenu
LoadStringA
SendMessageCallbackW
EnumDisplayDevicesA
GetWindowTextLengthW
CopyIcon
GetQueueStatus
WinHelpA
MapDialogRect
FindWindowExW
IsWindowVisible
EnumWindows
SetMenuDefaultItem
TrackMouseEvent
SetWindowsHookExW
RegisterClassExW
CallWindowProcW
DrawTextW
SendMessageTimeoutW
SwapMouseButton
SetSysColors
ChangeClipboardChain
TrackPopupMenuEx
SetCapture
PostThreadMessageW
SetRect
ReleaseCapture
CountClipboardFormats
SetActiveWindow
GetTitleBarInfo
SendInput
GetWindowTextW
SetClipboardViewer
IsClipboardFormatAvailable
GetMessageExtraInfo
DestroyMenu
OpenDesktopA
DrawFrameControl
GetClassNameA
SetWindowLongA

gdi32

CloseEnhMetaFile
SetBkColor
SetPixelV
StartDocW
RemoveFontResourceW
CopyEnhMetaFileA
CreateDCA
SetGraphicsMode
GetBkMode
CreateEnhMetaFileA
GetClipBox
GetCharWidthW
StretchBlt
CreateRoundRectRgn
SetBrushOrgEx
SetPixel
GetBkColor
GetSystemPaletteUse
AbortDoc
FillPath

comdlg32

ReplaceTextW
ChooseFontW
GetOpenFileNameW

advapi32

SetNamedSecurityInfoW
OpenServiceW
RegQueryValueExW
RegLoadKeyA
QueryServiceLockStatusW

shell32

ShellExecuteA
SHAddToRecentDocs

ole32

PropVariantCopy
CoFreeAllLibraries
CoGetTreatAsClass
CoCreateInstance
CoReleaseMarshalData
ProgIDFromCLSID
CoRegisterMallocSpy
OleLockRunning
OleCreateLink

oleaut32

QueryPathOfRegTypeLi
SafeArrayCreate
VariantChangeType
VariantCopy
SafeArrayUnaccessData

comctl32

ImageList_SetDragCursorImage
ImageList_GetIconSize
ImageList_DragShowNolock

shlwapi

StrRetToBufW
StrRChrW
StrCmpIW
SHRegCloseUSKey
StrCmpW
AssocQueryKeyW
StrStrIW
SHEnumValueW
SHStrDupW
PathFindFileNameA
StrFormatByteSizeA
SHOpenRegStream2W
StrCatBuffW

Sections

gyqam
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

wekukwy
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ekekyak
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mmkequ
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c30e629f947929e57353440712d84d80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

gyqam Size: 8KB - Virtual size: 4KB

wekukwy Size: 8KB - Virtual size: 5KB

ekekyak Size: 268KB - Virtual size: 266KB

mmkequ Size: 12KB - Virtual size: 11KB

gyqam
Size: 8KB - Virtual size: 4KB

wekukwy
Size: 8KB - Virtual size: 5KB

ekekyak
Size: 268KB - Virtual size: 266KB

mmkequ
Size: 12KB - Virtual size: 11KB