a2d1ffa3d3f89fdf2ac610ad0ab5e097_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a2d1ffa3d3f89fdf2ac610ad0ab5e097_JaffaCakes118
Size

589KB
MD5

a2d1ffa3d3f89fdf2ac610ad0ab5e097
SHA1

c40f0436a2ec4443db4af715ec4c8d45bf5f2c25
SHA256

379a4ee9bf871895edafed734abc8c521ee82ee7c7dc73a02dbce98ffc7ccead
SHA512

bd5bc4ca8e96fa2e17feafc2089d1f82d8a7394219d99c41fa2269d47a4645975ce7bb4106719df056facbe536179e2fce180b95ff549a4667ac7a8a9ea8deba
SSDEEP

12288:MIT+UrvWDpIwGSFEkLzu/KjTVHOoon8W1zB7Mmidj6dO:MIyUrvWdGSCGu/KjTtE5MmSj6dO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2d1ffa3d3f89fdf2ac610ad0ab5e097_JaffaCakes118

Files

a2d1ffa3d3f89fdf2ac610ad0ab5e097_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de1d7236a73574d527515832a9cc402a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetProfileIntA
GetModuleHandleA
SetErrorMode
LocalReAlloc
GetHandleInformation
CreateMutexA
FindResourceExW
EnumResourceLanguagesW
GetSystemDefaultLangID
CompareStringW
GetFileAttributesA
GetWindowsDirectoryA
GetOEMCP
ReleaseSemaphore
GetDateFormatA
DuplicateHandle
FindFirstFileA
GlobalFindAtomW
GetEnvironmentVariableW
SystemTimeToFileTime
GetPrivateProfileSectionW
GetShortPathNameA
SetConsoleWindowInfo
ConnectNamedPipe
PulseEvent
MultiByteToWideChar
LoadLibraryExW
MoveFileExA
GetStartupInfoA
GetFileInformationByHandle
SuspendThread
IsBadStringPtrA
GetCommConfig
CreateEventA
GlobalAddAtomA
ReadConsoleA
ScrollConsoleScreenBufferA
GetLongPathNameA
Beep
OutputDebugStringA
GetDiskFreeSpaceW
SearchPathW
EraseTape
WritePrivateProfileStringA
AreFileApisANSI
GlobalUnlock
AllocConsole
FormatMessageA
lstrcatW
GlobalGetAtomNameW
FileTimeToLocalFileTime
lstrcpyA
FreeLibrary
EnumCalendarInfoA
CreateDirectoryA
ExitProcess
GlobalReAlloc
EnumCalendarInfoW
WriteProcessMemory
GetSystemTimeAsFileTime
CompareStringA
FindFirstFileW
GetNumberFormatW
GetModuleFileNameW
CreatePipe
GetLargestConsoleWindowSize
DebugBreak
SetConsoleCursorPosition
SetThreadAffinityMask
GetCommandLineW
WriteFile
EnumTimeFormatsW
GlobalFree

user32

SetTimer
SetMenu
RegisterWindowMessageW
WaitMessage
SetActiveWindow
DestroyWindow
ScrollWindow
SetWindowRgn
GetAsyncKeyState
GetMessageA
ChangeMenuA
DestroyCursor
GetGuiResources
CloseDesktop
SetWindowContextHelpId
PostThreadMessageW
LoadIconA
ScreenToClient
GetPropA
InSendMessage
EnumDesktopsA
OpenDesktopA
GetClassNameW
ReleaseCapture
InsertMenuItemA
GetIconInfo
GetSystemMetrics
GetKeyboardState
CreateDesktopA
DispatchMessageW
GetClassNameA
ActivateKeyboardLayout
DrawFrameControl
AdjustWindowRect
DialogBoxParamA

gdi32

CopyMetaFileW
GetCurrentObject
SelectClipPath
GetWinMetaFileBits
CreateMetaFileW
SetPixelFormat
GetEnhMetaFileBits
SetColorAdjustment
GetTextCharacterExtra
LineTo
CreatePalette
GetCharWidthA
GetBkMode
CreatePolygonRgn
EndDoc
CreateICW
SetEnhMetaFileBits
ModifyWorldTransform
GetPixel
IntersectClipRect
DPtoLP

comdlg32

ReplaceTextA
GetFileTitleW

advapi32

AdjustTokenPrivileges
RegisterEventSourceA
ObjectCloseAuditAlarmA
GetSecurityDescriptorSacl
SetTokenInformation
QueryServiceLockStatusW
GetServiceDisplayNameW
FreeSid
CryptSetProvParam
GetSidIdentifierAuthority
CryptEncrypt
CryptHashData
RegDeleteValueA
DeregisterEventSource
RegOpenKeyExA
QueryServiceConfigW
LookupPrivilegeNameA
StartServiceW
RegisterServiceCtrlHandlerW
RegLoadKeyA
RegQueryValueA
AddAccessDeniedAce
LockServiceDatabase
LogonUserW
NotifyBootConfigStatus
ReadEventLogW
AccessCheck
RevertToSelf
RegConnectRegistryA
InitializeSecurityDescriptor
SetEntriesInAclW
GetFileSecurityA
RegQueryInfoKeyW
RegFlushKey

shell32

DragFinish
Shell_NotifyIconW
SHBrowseForFolderA
SHFileOperationW
SHGetSettings
SHGetPathFromIDListA

ole32

CoQueryProxyBlanket
CoInitializeEx
StgCreateStorageEx
CoMarshalInterThreadInterfaceInStream
ProgIDFromCLSID
OleIsRunning
CoLockObjectExternal
OleRegGetMiscStatus
WriteClassStg
CoUninitialize

oleaut32

LoadTypeLibEx
SysStringLen
SafeArrayPutElement

shlwapi

PathIsRelativeW
SHRegSetUSValueW
StrTrimW
SHRegOpenUSKeyW
PathStripToRootW
PathAddExtensionW

msvcrt

strcoll
ceil
_wcsicmp
_execlp
_mbsdec
_getpid
_putenv
fclose
setvbuf
wcsncat
_beginthreadex
mbstowcs
_pctype
toupper
_wsystem
_splitpath
_wtoi64
_sleep
_locking
_fileno
wcstol
_fcvt
system
_wcsrev
_mbslwr
_tell
swprintf
_stat

Sections

.text
Size: 8KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de1d7236a73574d527515832a9cc402a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcrt

Sections

.text Size: 8KB - Virtual size: 224KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 268KB - Virtual size: 267KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 224KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 268KB - Virtual size: 267KB

.rsrc
Size: 16KB - Virtual size: 16KB