a70212d2d884c50049d556fefb208035_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a70212d2d884c50049d556fefb208035_JaffaCakes118
Size

30KB
MD5

a70212d2d884c50049d556fefb208035
SHA1

445c663f14dab6cc8821f9b077a06de8f8c77554
SHA256

9046e3bca6e1caf44b429c55c615455c7d5fd3190db307677246db89d0725c10
SHA512

5feafbf4d86d73e4af181094df9f581320d9f444fe56bc355ea8ef54a4804a4fa809efc46eb8f1f60700814b955667a73a92e71aa052b527b09de61ea34aee60
SSDEEP

768:x40Lu5AFFFqZ07KV+57uTDR1EzJepAYA:xzSV07wu7wcdYA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a70212d2d884c50049d556fefb208035_JaffaCakes118

Files

a70212d2d884c50049d556fefb208035_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15b6823873a5247b9a87fd3682d692da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetStdHandle
GetPrivateProfileSectionNamesA
SetErrorMode
FatalExit
VirtualAlloc
VirtualFree
GetACP
GetThreadTimes
EnumResourceNamesW
lstrlenA
GetStartupInfoW
GetLocalTime
DeleteFileA
GetComputerNameW
ReadConsoleOutputAttribute
GetModuleHandleA
GetLastError
GetEnvironmentStrings
IsBadCodePtr
GetProcessAffinityMask
CreateSemaphoreA
SetConsoleTitleW
GetProcessHeap
ExpandEnvironmentStringsA
IsValidCodePage
GetProcessHeaps
lstrcmpiW
SetCommTimeouts
lstrcmpW
GetModuleHandleW
QueryPerformanceFrequency
MoveFileA
lstrcmpiA
EnumCalendarInfoW
GetPrivateProfileSectionNamesW
ExitProcess
CreateNamedPipeA
SetConsoleMode
GlobalDeleteAtom
SetConsoleCtrlHandler
GetTickCount
GetDevicePowerState
GetStringTypeExW
Module32Next
GlobalCompact
GetCommandLineW
RequestWakeupLatency
WriteConsoleA

advapi32

OpenBackupEventLogW
SetFileSecurityA
DeleteAce
GetSecurityDescriptorLength
CryptSetProviderExA
CreateProcessAsUserW
RegEnumKeyExA
MakeSelfRelativeSD
CryptSetProviderExW
SetNamedSecurityInfoExW
RegRestoreKeyA
RegCreateKeyExW
BuildExplicitAccessWithNameA
GetTrusteeNameA
GetSidSubAuthority
GetSecurityDescriptorOwner
CryptEnumProvidersW

gdi32

SetICMProfileW
GetObjectType
GetRasterizerCaps
SetWorldTransform
GetTextMetricsA
GetCurrentPositionEx
SetPixel
SetPaletteEntries
DeleteEnhMetaFile
GetArcDirection
SetLayout
CancelDC
GetROP2
GetMiterLimit
ResetDCW
CreateHalftonePalette
ExtTextOutW
GetTextAlign
GetKerningPairsA
GetObjectA
SetLayout
GetEnhMetaFilePaletteEntries
GdiGetBatchLimit
CopyMetaFileW
GetTextExtentPointA
AbortDoc
GetPixel
MoveToEx
GetGlyphOutline
GetSystemPaletteEntries
GetTextCharset
AnimatePalette
GetWindowOrgEx
GetTransform

msvcrt

_CIlog10
putchar
_ismbcl2
iswprint
_tzname
_atoldbl
_ismbbprint
_strrev
_gcvt
_wcsicmp
_wexecvp
_wperror
_waccess
__getmainargs
ldexp
_itow
_splitpath
div
ungetc
_vsnprintf
_adj_fdiv_m16i
atol
_mbsicoll
_ismbcpunct
strlen
_wtempnam
_CIexp
_mbcjistojms
getchar
_mbbtombc
_adj_fprem1
_fileinfo
_findnext
__p___winitenv
_timezone
iswpunct
_clearfp
_spawnlp
_vsnwprintf
_ismbbtrail

user32

SetSysColors
EnableWindow
DrawAnimatedRects
EnumThreadWindows
RedrawWindow
SetCursorPos
IMPQueryIMEW
SetClassLongA
GetDesktopWindow
LockWindowUpdate
SwitchToThisWindow
LoadImageW
DefWindowProcA
GetClassNameA
GetClipCursor
DdeAddData
DrawTextExW
TranslateAcceleratorA
ChildWindowFromPoint
DrawEdge
ClientToScreen
GetKeyboardLayoutNameW
OemToCharA
LoadBitmapW
SendMessageTimeoutW
OpenIcon
DestroyWindow
RegisterTasklist
OemToCharBuffW
SetShellWindow
GetWindowDC
CloseClipboard
TranslateMDISysAccel
SetActiveWindow
ReleaseCapture
MapWindowPoints
CreateDialogParamA
GetClipboardData
EnumClipboardFormats
CloseWindow
SubtractRect
EnumDisplayMonitors

ole32

HPALETTE_UserFree
CoGetCallContext
OpenOrCreateStream
CoUnmarshalHresult
OleSetAutoConvert
PropVariantClear
HBRUSH_UserMarshal
CoRegisterSurrogate
CoCopyProxy
CoGetMarshalSizeMax
CoInitialize
CLIPFORMAT_UserMarshal

Sections

.text
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.npnpf
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aan
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fjvnv
Size: 2KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15b6823873a5247b9a87fd3682d692da

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

msvcrt

user32

ole32

Sections

.text Size: 20KB - Virtual size: 21KB

.npnpf Size: 4KB - Virtual size: 10KB

.aan Size: 2KB - Virtual size: 8KB

.fjvnv Size: 2KB - Virtual size: 21KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 21KB

.npnpf
Size: 4KB - Virtual size: 10KB

.aan
Size: 2KB - Virtual size: 8KB

.fjvnv
Size: 2KB - Virtual size: 21KB

.reloc
Size: 1024B - Virtual size: 1KB