93a0ae495064caaf6fa063a5fdc2a675_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93a0ae495064caaf6fa063a5fdc2a675_JaffaCakes118
Size

324KB
MD5

93a0ae495064caaf6fa063a5fdc2a675
SHA1

f59cdfcb876be87d6eb4a9eece2f433f0a05a3b9
SHA256

b44ab9a50ee48bc850591685286809114402c8144c83572d4ca9d5518f61b3d4
SHA512

2bd7cdc1352443d5699e6f8fc8df47d5f40df2ac025de5a8fb9bdb639997c9938e7d339e52d003865f8289b948def66cad2affe94a02f8b30ddb5008f9d44a07
SSDEEP

6144:6z96k9kUa8ggsrpmCRyVha9vZ3Uoi4loX2+8gO7/8JGW8rexnTFeuVdo/AiGv:6R3vHirPRy4Z3Uoi8y8JJWTTV2/Ai8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93a0ae495064caaf6fa063a5fdc2a675_JaffaCakes118

Files

93a0ae495064caaf6fa063a5fdc2a675_JaffaCakes118
.exe windows:4 windows x86 arch:x86

050a2391280198ee6e8d44cae32827c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
GetNamedPipeInfo
OpenFileMappingW
GetTickCount
FormatMessageA
SetLocalTime
GetThreadLocale
GetPrivateProfileSectionNamesA
EnumResourceTypesA
IsBadStringPtrW
ReadConsoleInputW
lstrcmpiW
LocalLock
GetAtomNameW
PrepareTape
GetConsoleTitleA
CreateFileMappingW
SetEnvironmentVariableA
CreateProcessW
PurgeComm
WaitForSingleObject
EraseTape
SetStdHandle
CreateMailslotW
GetNumberFormatW
LeaveCriticalSection
DeleteFiber
GetTimeZoneInformation
OpenMutexA
FindFirstFileA
CreateProcessA
WaitForMultipleObjects
CreateFileA
DefineDosDeviceA
ResumeThread
InitializeCriticalSection
GetSystemTime
LoadLibraryA
GetCommModemStatus
WriteFileGather
CreateFileW
GetVersionExA
GetOverlappedResult
MulDiv
FlushFileBuffers
GetCommProperties
lstrcmpA
VirtualUnlock
GetTempFileNameA
CreateDirectoryExA
GetThreadPriority
EnumResourceLanguagesW
InterlockedCompareExchange
VirtualAlloc
GetStringTypeExA
GetPriorityClass
ReadConsoleOutputAttribute
CreateRemoteThread
WinExec
ResetEvent
GlobalFlags
EnumCalendarInfoW
SetSystemTime
GetThreadTimes
GetOEMCP
GetStartupInfoW
CreateEventA
SetCommState
FindFirstChangeNotificationA
GetFileType
PeekNamedPipe
FreeLibrary
OpenProcess
GlobalLock
SetThreadIdealProcessor
GetAtomNameA
VirtualQuery
GetPrivateProfileStructA
ConvertDefaultLocale
GetSystemInfo
PeekConsoleInputA
GetDriveTypeW
IsDBCSLeadByte
GetLocaleInfoW
GetCurrentThreadId
QueryPerformanceFrequency
ExitThread
CreateFileMappingA
GetCommandLineA
VirtualProtect
SetEndOfFile
ExitProcess

user32

GetClassNameA
AppendMenuW
DefMDIChildProcA
SetWindowWord
SetWindowsHookExW
ValidateRect
GetClipboardViewer
UnregisterHotKey
BroadcastSystemMessageW
SetClassLongW
RegisterDeviceNotificationA
CreateDialogParamA
EnumDesktopsA
LookupIconIdFromDirectory
SetWindowsHookW
LoadBitmapA
UnhookWindowsHook
SwitchToThisWindow
CreateWindowExA
OpenInputDesktop
LoadMenuIndirectW
SetTimer
DragDetect
ShowWindowAsync
CheckMenuRadioItem
DeleteMenu
VkKeyScanW

gdi32

PlayMetaFile
GetTextMetricsA
ExtTextOutA
EnumFontsW
GetDeviceCaps
PlayEnhMetaFileRecord
GetEnhMetaFileHeader
CopyMetaFileW
SetPixel
CreateBitmap
SetDIBColorTable
DPtoLP

comdlg32

ChooseColorW

advapi32

SetFileSecurityW
OpenSCManagerA
GetSecurityDescriptorControl
RegEnumValueW
ReportEventA
RegOpenKeyExA
IsValidSid
RegQueryInfoKeyW
RegCreateKeyExW
QueryServiceLockStatusW
RegConnectRegistryA
SetSecurityDescriptorOwner
CryptCreateHash
RegCloseKey
SetSecurityDescriptorDacl
CryptVerifySignatureW
StartServiceCtrlDispatcherW
GetAce
DeleteService
SetServiceStatus
GetSecurityInfo
RegDeleteValueW
RegNotifyChangeKeyValue
GetExplicitEntriesFromAclW
StartServiceA
InitiateSystemShutdownA
GetSidSubAuthorityCount
RegLoadKeyA
RegOpenKeyW
CryptExportKey
CryptGenKey

shell32

DragQueryFileW
SHBrowseForFolderA
ShellExecuteExW

ole32

SetConvertStg
StgOpenStorageEx
ReadClassStm
OleRegEnumVerbs
CoTaskMemAlloc
StgCreateDocfile
RegisterDragDrop
CoIsOle1Class
OleRun

oleaut32

SafeArrayCreate
SafeArrayPtrOfIndex
RegisterTypeLi
SysStringLen

comctl32

InitCommonControlsEx
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_Duplicate

shlwapi

PathAddBackslashA

setupapi

SetupDiGetDeviceInstallParamsA
SetupDefaultQueueCallbackA
SetupFindFirstLineW

Sections

.text
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

050a2391280198ee6e8d44cae32827c3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 284KB - Virtual size: 281KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 284KB - Virtual size: 281KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 28KB - Virtual size: 24KB