88a7dc094e4686915f22a1542db24fa4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

88a7dc094e4686915f22a1542db24fa4_JaffaCakes118
Size

180KB
MD5

88a7dc094e4686915f22a1542db24fa4
SHA1

1ff1b2b78b12605a6b0aed901b7ef0f94b3671c7
SHA256

1c2609f34027568cbb34653795cc76ab2843a4cd1f172d1425175c051e69dd56
SHA512

079fcfea0fbe6ab29c3af5e10a56c7371af4193e5e366d273949c2960fa2e59e62ca07971d90a98eb0a57cc77b4f6d12f05038a4bacc80e8c9aff67d9a469505
SSDEEP

3072:KupHxPeShjekFK+/CIwStT/IJpyEO6d0M23UgOzVevjRMeJyXj2Sd:rXHha00CGlar3UxV0H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88a7dc094e4686915f22a1542db24fa4_JaffaCakes118

Files

88a7dc094e4686915f22a1542db24fa4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4874986f8d3ab9f3242483001a8ba45a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueueUserAPC
GetDefaultCommConfigA
_hwrite
GetUserGeoID
GetThreadContext
OpenSemaphoreA
SetCommBreak
UnregisterConsoleIME
FindClose
ReadConsoleOutputAttribute
ClearCommError
FindNextChangeNotification
IsBadWritePtr
BuildCommDCBA
GlobalSize
GlobalFindAtomA
LZSeek
GetVolumeInformationA
GetDiskFreeSpaceExA
GetTickCount
ReadConsoleA
SetFilePointer
GetPriorityClass
GetCurrentThreadId
WriteProcessMemory
GetCurrencyFormatA
GetConsoleCommandHistoryLengthW
WriteConsoleOutputA
FlushViewOfFile
SetCalendarInfoA
SetFileAttributesA
GetCurrentDirectoryA
CreateThread
MapViewOfFileEx
GetVolumePathNameA
LZInit
SetComputerNameA
GetSystemTime
GetCommandLineA
SetLastError
GetLastError
SetHandleContext
HeapFree
DeleteTimerQueueTimer
GetProcessIoCounters
GetExpandedNameA
UnregisterWait
GetCommMask
PeekNamedPipe
GetFileAttributesExA
QueueUserWorkItem
SetVolumeMountPointA
SetErrorMode
SetFilePointerEx
SetSystemTimeAdjustment
VirtualAllocEx
LCMapStringA
GetLogicalDriveStringsA
RegisterWaitForSingleObject
GetDiskFreeSpaceA
WriteConsoleInputA
GetThreadSelectorEntry
lstrcat
GetWindowsDirectoryA
FindAtomA
GetConsoleCursorMode
GetNumberFormatA

user32

ImpersonateDdeClientWindow
UpdatePerUserSystemParameters
DialogBoxParamA
DlgDirListComboBoxA
EnumDisplayMonitors
GetProcessDefaultLayout
GetUpdateRect
CreateCaret
DrawFocusRect
MonitorFromRect
LoadRemoteFonts
DeviceEventWorker
GetThreadDesktop
UnhookWindowsHookEx
DrawAnimatedRects
CreateCursor
CreateWindowStationW
SetParent
MenuWindowProcA
MapVirtualKeyExW
OpenWindowStationA
DrawTextExA
GetDialogBaseUnits
GetClassInfoExA
DeferWindowPos
SystemParametersInfoA
GrayStringA
GetSystemMetrics
GetMenuInfo
DefDlgProcA
EnableWindow
CreateWindowStationA
DestroyWindow
CliImmSetHotKey
TranslateMessage
SystemParametersInfoA
SetDebugErrorLevel
PostThreadMessageA
MonitorFromRect
MenuWindowProcA
PaintMenuBar
GetUserObjectInformationA
ReuseDDElParam
CharNextExA
TrackPopupMenu
CreateDesktopA
BeginDeferWindowPos
TileChildWindows
SetWindowStationUser
UnionRect
GetMenuItemInfoA
IsDialogMessage
OpenWindowStationA
GetClipboardFormatNameA
ToAscii
RegisterHotKey
GetCapture
CallWindowProcA
GetLayeredWindowAttributes
GetDlgItemTextA
SetScrollPos
CharUpperA
DlgDirListA
CloseWindow
TrackPopupMenu
GetMessageTime
SetShellWindow
ReasonCodeNeedsComment
CreateWindowExA

advapi32

AddAccessDeniedObjectAce

Sections

.text
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4874986f8d3ab9f3242483001a8ba45a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 142KB - Virtual size: 144KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 33KB - Virtual size: 36KB

.text
Size: 142KB - Virtual size: 144KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 33KB - Virtual size: 36KB