a947c794b643232181995a5a770e6e4b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a947c794b643232181995a5a770e6e4b_JaffaCakes118
Size

369KB
MD5

a947c794b643232181995a5a770e6e4b
SHA1

12328d2e0a2c0ba1000c92b914e532d4290d1026
SHA256

2c1d0eefdf8f2a9d10abaf11978146eeebe9ff42aca4a3c6fceb05e40a8ced5f
SHA512

29a3674a109e1ff55c5eca0e910e1a399fd64659b576150f3bb93b8eb195ddf95ede58524a3d04fb845980dd88b8fb5c8aef9f4ab3afecd4d4d71e1ea87956ef
SSDEEP

6144:3itMLbocw6yud27OpKn6HWYFfFndgBps1IKEAUK1ehCYCZ0JBoCOU5dPuyK:mmocwm0SpK62ACXs1xXhYnKeVA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a947c794b643232181995a5a770e6e4b_JaffaCakes118

Files

a947c794b643232181995a5a770e6e4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ebb69399b4decbf90c470d9c318d95e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
WritePrivateProfileSectionW
FindNextFileW
TerminateThread
GetVersionExA
GetModuleHandleA
GetUserDefaultLangID
SetConsoleTitleW
GenerateConsoleCtrlEvent
ResetWriteWatch
FindResourceExA
GetLongPathNameW
GlobalUnlock
FillConsoleOutputAttribute
FreeLibraryAndExitThread
ReleaseSemaphore
lstrcpyA
lstrcatA
SetThreadPriority
GetDevicePowerState
DisconnectNamedPipe
FillConsoleOutputCharacterA
GetFileInformationByHandle
EnumCalendarInfoA
Heap32ListNext
RemoveDirectoryA
IsBadCodePtr
GetDefaultCommConfigA
SetThreadAffinityMask
GetConsoleOutputCP
IsValidCodePage
EnterCriticalSection
SetConsoleWindowInfo
GetDiskFreeSpaceExW
GetCommandLineW
GetCurrentDirectoryA
EndUpdateResourceA
CompareStringA
DeleteFiber
WritePrivateProfileStructA
GetStartupInfoA
LoadLibraryExA
GetLogicalDrives
ReadConsoleW
MoveFileExW
SetThreadLocale
GlobalFindAtomA
SetCurrentDirectoryW
GetNumberOfConsoleInputEvents
CreateDirectoryExW
CreateRemoteThread
LocalCompact
SetVolumeLabelA
WritePrivateProfileStructW
Sleep
UpdateResourceW
SearchPathA
GetProfileStringA
BeginUpdateResourceW
OpenWaitableTimerW
QueryPerformanceCounter
GetEnvironmentStrings
HeapDestroy
FormatMessageW
GetProfileSectionW
FoldStringW
SizeofResource
GetHandleInformation
SetPriorityClass

user32

EnumPropsA
GetLastActivePopup
DialogBoxIndirectParamW
DrawIcon
OpenWindowStationW
GetMenuCheckMarkDimensions
GetClipCursor
MapVirtualKeyA
InSendMessage
IsRectEmpty
CallMsgFilterW
SetMenuItemInfoA
ShowWindow
LoadCursorFromFileW
GetSystemMetrics
GetWindowTextLengthA
UnregisterHotKey
FindWindowW
GetPriorityClipboardFormat
BringWindowToTop
ReleaseCapture
ShowCaret
PostMessageA
TabbedTextOutA
LoadMenuIndirectA
GetDlgItemTextA
EnableScrollBar
RegisterClipboardFormatA
SendMessageTimeoutA
TrackPopupMenuEx
SetScrollPos
IsCharAlphaNumericA
HideCaret
GetUserObjectSecurity
EnumPropsExW
SetKeyboardState
CharLowerW
SwitchToThisWindow
GetMenu
ToAscii
GetNextDlgTabItem
GetDCEx
GetTabbedTextExtentW
GetQueueStatus
CreateDesktopA
CreateDesktopW
SendMessageCallbackW
SubtractRect

gdi32

GetTextExtentPointA
EnumEnhMetaFile
UnrealizeObject
SetWorldTransform
GdiGetBatchLimit
GetEnhMetaFileA
GetDeviceCaps
SetRectRgn
SetViewportExtEx
SetWinMetaFileBits
LPtoDP
SetPolyFillMode
CombineRgn
GetLogColorSpaceA
GetBkMode
GetAspectRatioFilterEx
SetROP2
GetCharWidth32W
GetCharWidthW
GetViewportOrgEx
ArcTo
ExcludeClipRect
GetLogColorSpaceW
FixBrushOrgEx
SaveDC
GetTextExtentPoint32A
TextOutA
ExtFloodFill
GetStretchBltMode

advapi32

OpenSCManagerA
StartServiceW
GetSecurityInfo
RegEnumValueW
ObjectPrivilegeAuditAlarmW
RegDeleteKeyA
SetEntriesInAclA
GetMultipleTrusteeA
CryptHashSessionKey
LookupAccountNameW
QueryServiceConfigW
ObjectDeleteAuditAlarmW
AddAuditAccessAce
BuildImpersonateExplicitAccessWithNameA
OpenBackupEventLogA
RegEnumKeyExA
GetAclInformation
AdjustTokenPrivileges
CreateProcessAsUserA
GetSecurityDescriptorOwner
SetSecurityDescriptorSacl
RegRestoreKeyW
RegUnLoadKeyW
StartServiceCtrlDispatcherW
SetSecurityDescriptorGroup
CryptGenKey
EnumServicesStatusA
BackupEventLogA
CreateServiceA
RegLoadKeyA
QueryServiceLockStatusA

shell32

SHChangeNotify
DragAcceptFiles
SHQueryRecycleBinW
ShellExecuteW
ShellExecuteExA
ExtractAssociatedIconA
SHFileOperationW
SHQueryRecycleBinA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strlen

Sections

.text
Size: 285KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lehl6neq
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

icl81ldr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ebb69399b4decbf90c470d9c318d95e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

Sections

.text Size: 285KB - Virtual size: 288KB

.rdata Size: 6KB - Virtual size: 8KB

.data Size: 27KB - Virtual size: 28KB

lehl6neq Size: 45KB - Virtual size: 48KB

icl81ldr Size: 4KB - Virtual size: 4KB

.text
Size: 285KB - Virtual size: 288KB

.rdata
Size: 6KB - Virtual size: 8KB

.data
Size: 27KB - Virtual size: 28KB

lehl6neq
Size: 45KB - Virtual size: 48KB

icl81ldr
Size: 4KB - Virtual size: 4KB