a9c11b105536bff34448626d74478bf6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9c11b105536bff34448626d74478bf6_JaffaCakes118
Size

7.7MB
MD5

a9c11b105536bff34448626d74478bf6
SHA1

ec8d89418b17e4b7662bf62db9f2d02108834b38
SHA256

143899b36aa3d008dfacd1cbdfe220adcd9bcbcf1b354c6079a8ba4c8b4ca897
SHA512

05a9dbce55d60c8c6c87b8d6bccba5c321c037e6abedf575d7fef0dfee3aa364ca508790ca6b80c99a246bb99e0f4bafa13d675c4c1050dcc5cf1b95aef73524
SSDEEP

196608:fNlJkyTcXDnC8+vzqrVZlJsuLHLyx5jE8DDjUo:VHXcXDnC0rblJZLLyvEAUo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9c11b105536bff34448626d74478bf6_JaffaCakes118

Files

a9c11b105536bff34448626d74478bf6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7748331ac8d9a92ed86a2b8202a35972

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleWindowInfo
GetBinaryTypeA
SetProcessWorkingSetSize
GetProcessHeap
GlobalFindAtomA
GetTapeParameters
GenerateConsoleCtrlEvent
SetupComm
SizeofResource
WritePrivateProfileSectionW
QueryDosDeviceW
LCMapStringA
CompareStringW
ReadFileScatter
SetSystemTime
FindFirstFileA
_lread
DeleteCriticalSection
GetTapeStatus
GetVolumeInformationW
SetEndOfFile
GetModuleHandleA
GlobalGetAtomNameW
GetThreadContext
GetFileAttributesA
MultiByteToWideChar
EnumResourceLanguagesW
LocalAlloc
CreateDirectoryW
_lopen
SetLastError
GlobalFlags
GetVersion
GetSystemInfo
WaitNamedPipeA
lstrcpyA
UnhandledExceptionFilter
RaiseException
lstrcmpA
FreeEnvironmentStringsA
FreeLibraryAndExitThread
SearchPathW
OpenSemaphoreW
GetSystemTimeAdjustment
GetProcessTimes
WriteConsoleOutputW
SetConsoleOutputCP
GetHandleInformation
PulseEvent
OpenFile
CreateEventA
GetLogicalDriveStringsA
LoadLibraryExW
IsBadStringPtrA
ClearCommBreak
lstrcmpiA
InitializeCriticalSection
SwitchToFiber
GetCompressedFileSizeW
MoveFileW
LoadResource
GetPrivateProfileSectionW
GetCPInfo
FindResourceExW
GetSystemTimeAsFileTime
ReleaseMutex
GetCommandLineW
GetDriveTypeA
GetTempPathW
GetTempFileNameA
WriteFile
GetWindowsDirectoryA
PurgeComm
PeekNamedPipe
ExitProcess

user32

GetWindowTextLengthW
EndDialog
TranslateAcceleratorA
CreateIconFromResource
GetUserObjectInformationA
ChangeClipboardChain
SetKeyboardState
CreateIconIndirect
GetKeyboardLayoutList
GetDesktopWindow
RegisterClassW
SetClipboardData
InsertMenuItemW
ToUnicodeEx
ExcludeUpdateRgn
SetWindowLongW
GetWindowTextLengthA
GetWindowDC
ExitWindowsEx
CharToOemW
RegisterClassExA
DrawAnimatedRects
GrayStringW
GetWindowWord
DeleteMenu
MonitorFromWindow
DrawIconEx
EnumDisplaySettingsExA
DefMDIChildProcA
DrawTextExA
CountClipboardFormats
ScrollDC
CreateAcceleratorTableA
SendDlgItemMessageW
GetClassInfoA
GetMessageW
GetNextDlgTabItem
GetClipboardData
GetWindowPlacement
DestroyAcceleratorTable
PostMessageW
RegisterWindowMessageW
GetClientRect
WinHelpA
CharUpperW
TabbedTextOutW
GetClipboardSequenceNumber
CharNextExA
GetKeyboardLayoutNameA
SetActiveWindow
BroadcastSystemMessageA
AttachThreadInput
TranslateAcceleratorW
CreateDialogParamA
SetDlgItemTextA

gdi32

CreatePolyPolygonRgn
GetNearestPaletteIndex
GetCurrentObject
CreateCompatibleDC
CopyEnhMetaFileW
CopyMetaFileA

comdlg32

PrintDlgA
ChooseColorW

advapi32

RegEnumKeyExW
NotifyChangeEventLog
RegDeleteKeyA
OpenProcessToken
CryptDestroyKey
ImpersonateLoggedOnUser
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
LogonUserW
DeleteAce
EnumDependentServicesA
SetSecurityDescriptorGroup
DeleteService

shell32

ExtractIconExW
FindExecutableA
DragQueryPoint

ole32

StgCreateStorageEx
OleSetClipboard
CoQueryProxyBlanket
CoCreateInstanceEx
OleRegGetMiscStatus
CoSwitchCallContext
CoDisconnectObject
CreateStreamOnHGlobal

oleaut32

SysStringLen

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_DragShowNolock

shlwapi

PathIsFileSpecW
PathGetArgsW
UrlGetPartA
UrlApplySchemeW
SHStrDupW
PathRemoveBackslashA
HashData
SHDeleteKeyW
PathRemoveBlanksA
PathRemoveFileSpecA
SHRegGetBoolUSValueA
StrChrW
PathIsUNCServerW
PathIsRootA
StrCatBuffA
PathIsRelativeA
StrChrIA
PathFindNextComponentW

Sections

.text
Size: 4KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7748331ac8d9a92ed86a2b8202a35972

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 4KB - Virtual size: 7.3MB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 7.3MB - Virtual size: 7.3MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 4KB - Virtual size: 7.3MB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 7.3MB - Virtual size: 7.3MB

.rsrc
Size: 68KB - Virtual size: 66KB