973cc5d8800bed0e30ef5c49ca95015d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

973cc5d8800bed0e30ef5c49ca95015d_JaffaCakes118
Size

380KB
MD5

973cc5d8800bed0e30ef5c49ca95015d
SHA1

5ccea8948aa962c0ee920c37e17e0b2b8fb44f95
SHA256

9dc7ec444f61a10f2d6d1b4afc88276c3c9d2ebc72b839f40812ddaf1e2b8843
SHA512

3ea345439ca7cab3684efcec1ce758a38d22c212e3a7d5b5c36543744192b23e22d53288a20ab1a15c82c353dd7baea060d630b65ca21963da41abf631b9805d
SSDEEP

6144:0LuKB7Jy+kBjNskkJwY9Nn1pXH1+fl2ZkbCJKZcu0Ev2XwxFTplYFGMya:0ikw1Nsk4pDF+9gkbjZcMvlYFdya

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
973cc5d8800bed0e30ef5c49ca95015d_JaffaCakes118

Files

973cc5d8800bed0e30ef5c49ca95015d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

38a5c21358a172d07eb3f3d74ea0783b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterA
GetConsoleAliasExesLengthW
SetLastError
UnregisterConsoleIME
GetCurrentProcessId
UnlockFile
GetComputerNameExA
GetDiskFreeSpaceA
ResetWriteWatch
GetCompressedFileSizeA
GetLogicalDriveStringsA
SetThreadPriority
WaitNamedPipeA
GetPrivateProfileStructA
VirtualQuery
GetConsoleTitleA
GetFileAttributesA
SetConsoleDisplayMode
FindFirstVolumeMountPointA
VerifyVersionInfoA
SetFileShortNameA
TransactNamedPipe
GetVolumeNameForVolumeMountPointA
QueryPerformanceFrequency
GetDefaultCommConfigA
FileTimeToLocalFileTime
CompareStringA
GetDiskFreeSpaceExA
IsBadReadPtr
GetCommandLineA
GetTempPathA
TermsrvAppInstallMode
GetCurrentConsoleFont
GetProcessId
GetProcessHeaps
VirtualAllocEx
GetCPInfoExA
GetModuleHandleA
OpenEventA
Module32First
SetConsoleCP
ReleaseSemaphore
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
Thread32First
ReadConsoleOutputCharacterA
SetVolumeLabelA
GetVersionExA
Toolhelp32ReadProcessMemory
GetFileAttributesExA
DeleteTimerQueueEx
PeekNamedPipe
GetSystemPowerStatus
GetTapePosition
FindAtomA
DeleteTimerQueue
GetEnvironmentVariableA
OpenJobObjectA
SetSystemTime
WaitForSingleObjectEx
GetCurrentDirectoryA
EndUpdateResourceA
CreateFileA
SetConsoleIcon
GlobalFix
OpenMutexA
GetVersionExA
GetDefaultCommConfigA
GetComputerNameA
SetFileAttributesA
GetTickCount
GlobalHandle
IsDebuggerPresent
GetAtomNameA
GetPrivateProfileSectionNamesA
MoveFileA
ReadConsoleOutputAttribute
DisconnectNamedPipe
GetConsoleWindow
GetTimeZoneInformation
FillConsoleOutputCharacterA
MapUserPhysicalPages
SetProcessShutdownParameters
FlushConsoleInputBuffer
GetExitCodeProcess
lstrcat
QueueUserAPC
GetConsoleCommandHistoryLengthA
GlobalAddAtomA
GetDllDirectoryA
SetConsoleTitleA
SetMailslotInfo
IsBadHugeWritePtr
GetConsoleSelectionInfo
GetCommandLineA
OpenFileMappingA
SuspendThread
ExitProcess
RaiseException
GetVolumeNameForVolumeMountPointA
WaitForMultipleObjects
LoadLibraryA
GetDiskFreeSpaceExA
lstrcpyA
CreateMutexA
EndUpdateResourceA
SetConsoleCursorMode
GetConsoleKeyboardLayoutNameA
SetConsoleCP
GetLongPathNameA
GetTempFileNameA
GetTimeZoneInformation
ReadConsoleInputA
CreateWaitableTimerA
MoveFileExA
OpenProcess
ReleaseMutex
GetExitCodeThread
GetDllDirectoryA
GetVersionExA
CloseConsoleHandle
GetDllDirectoryA
PulseEvent
CreatePipe
DeleteAtom
GetWindowsDirectoryA
OpenSemaphoreA
GetVersionExA
SetInformationJobObject
GetVolumeInformationA
GetSystemDefaultUILanguage
TransmitCommChar
PurgeComm
SetComputerNameExA
GetEnvironmentStringsA
SetUserGeoID
LZDone
WriteConsoleInputA
EnumTimeFormatsA
Heap32First
AddAtomA
RequestWakeupLatency
GetDefaultCommConfigA
SetThreadLocale
ReadConsoleInputA
GetOEMCP
IsProcessorFeaturePresent
ReadConsoleOutputAttribute
GetThreadIOPendingFlag
EnumResourceNamesA
WriteConsoleA
ReadConsoleOutputCharacterA
IsSystemResumeAutomatic
GetConsoleOutputCP
GetLocalTime
SetFileAttributesA
OpenWaitableTimerA
OpenThread
FindResourceA
GetConsoleCP
UpdateResourceA
GetTempPathA
SetDefaultCommConfigA
IsBadCodePtr
GetCommProperties
DeleteTimerQueueTimer
SetComputerNameA
GetWindowsDirectoryA
GetFileType
GetCurrentProcess
GetProcessShutdownParameters
GetLocalTime
ProcessIdToSessionId
GetSystemTime
GetConsoleAliasExesA
SetFileValidData
GetTickCount
GetConsoleInputExeNameA
BeginUpdateResourceA
SetMailslotInfo
GetModuleFileNameA

user32

CallMsgFilter
LoadKeyboardLayoutEx
ShowWindow
UnregisterClassA
EnumDesktopWindows
RealChildWindowFromPoint
GetWindowPlacement
OffsetRect
GetRawInputBuffer
RegisterLogonProcess
DialogBoxIndirectParamA
GetRegisteredRawInputDevices
GetClientRect
CreateMenu
IsWindowUnicode
UnregisterClassA
CascadeWindows
EnterReaderModeHelper
CheckDlgButton
DialogBoxIndirectParamA
GetLayeredWindowAttributes
GetWindowTextA
SwitchToThisWindow
BuildReasonArray
IsDialogMessage
SetThreadDesktop
SetWinEventHook
LockWorkStation
GetWindow
GetTopWindow
SetSysColorsTemp
RegisterClassExA
GetMonitorInfoA
CreatePopupMenu
LoadKeyboardLayoutEx
DestroyCursor
IsWindowUnicode
UpdateWindow
EnumDisplaySettingsExA
SendMessageCallbackA
GetWindowTextA
SetClipboardViewer
CheckDlgButton
GetShellWindow
SendNotifyMessageA
GetWindowTextLengthA
ChildWindowFromPoint
CopyAcceleratorTableA
IsCharLowerA
AnyPopup
MoveWindow
ExcludeUpdateRgn
SwitchToThisWindow
IsWinEventHookInstalled
GetCaretBlinkTime
CopyIcon
CreateMDIWindowA
MonitorFromRect
CharNextA
AnyPopup
DrawTextExA
RegisterWindowMessageA
GetMenuItemInfoA
CopyAcceleratorTableA
SetSystemCursor
UnhookWinEvent
LockWorkStation
GetKeyNameTextA
GetCursor
UnregisterMessagePumpHook
CreateCursor
CreateIcon
DispatchMessageA
GetSystemMenu
DrawCaptionTempA
GetKeyboardLayoutList
ShowCursor
SetParent
GetLayeredWindowAttributes
LoadIconA
IsCharAlphaNumericA
RealGetWindowClassA
DrawTextExA
GetPropA
SetThreadDesktop
ImpersonateDdeClientWindow

advapi32

DuplicateToken

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 176KB - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38a5c21358a172d07eb3f3d74ea0783b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.itext Size: - Virtual size: 2KB

.text Size: 176KB - Virtual size: 418KB

.idata Size: 100KB - Virtual size: 99KB

.rsrc Size: 100KB - Virtual size: 96KB

.itext
Size: - Virtual size: 2KB

.text
Size: 176KB - Virtual size: 418KB

.idata
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 100KB - Virtual size: 96KB