ab5af4d0c8671b4de09a08263304417e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab5af4d0c8671b4de09a08263304417e_JaffaCakes118
Size

412KB
MD5

ab5af4d0c8671b4de09a08263304417e
SHA1

78b112486277a7466c1f78a9748da80f81c44721
SHA256

a7ba4a4e4d510004b09de0b0c6110469f5cb7573b4bf2f3c24c143d3f3558169
SHA512

16901a9627e275281d13613a223528de164ac1ec7546b9f827fffa260149d288ad72c9b5093c5e5a866a626ceaaab91beb70208739c65c90663feedf9886e059
SSDEEP

6144:kMT1I3fYvqNXpoHwnLs3SR4CtwmU+aLsUhKqyiTnylY9AQPb7rrVF:tMfoqNp5R4CymKLsURyiTnylhIjrf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab5af4d0c8671b4de09a08263304417e_JaffaCakes118

Files

ab5af4d0c8671b4de09a08263304417e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84125f655c6a0364bc654c92cebaccf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SearchPathA
WriteConsoleOutputA
HeapLock
OpenSemaphoreW
GetPrivateProfileSectionW
WriteConsoleOutputAttribute
GlobalMemoryStatus
GetLogicalDriveStringsA
IsBadCodePtr
GetVersionExA
GlobalHandle
EnumResourceLanguagesW
GetFileTime
FlushFileBuffers
GetAtomNameA
SuspendThread
CreateFiber
SetProcessPriorityBoost
CancelDeviceWakeupRequest
ExpandEnvironmentStringsW
FindFirstChangeNotificationA
GetPrivateProfileStringW
VirtualFreeEx
GetProcessWorkingSetSize
InterlockedCompareExchange
GetNumberFormatW
lstrlenA
ContinueDebugEvent
CreateSemaphoreW
GlobalUnWire
BeginUpdateResourceA
CreateEventW
ReadConsoleInputW
SetCommMask
GetCurrentThread
GetStartupInfoA
WriteConsoleInputA
GetComputerNameW
GetStartupInfoW
IsDBCSLeadByteEx
lstrcmpA
TransactNamedPipe
GetCompressedFileSizeA
GetSystemDirectoryA
lstrcpynA
PeekConsoleInputW
GetTempFileNameA
GetNumberFormatA
GetProcessPriorityBoost
GetFileAttributesExW
GetProfileSectionA
GetWindowsDirectoryW
GetDiskFreeSpaceW
LoadModule
CloseHandle
GetProfileSectionW

user32

OpenWindowStationA
SetCaretBlinkTime
GetKeyNameTextW
InsertMenuItemW
CopyImage
InSendMessage
GetUserObjectInformationA
DeferWindowPos
GetDialogBaseUnits
GetWindowWord
VkKeyScanW
ActivateKeyboardLayout
SetWindowsHookExW
MapWindowPoints
RegisterClipboardFormatW
CreateIconFromResourceEx
GetKBCodePage
MessageBoxIndirectA
GetMenuItemInfoA
DrawIconEx
PeekMessageA
DlgDirSelectExW
GetSystemMetrics
IsWindow
CopyRect
EnumPropsExA
SetMenuItemInfoW
PaintDesktop
ClientToScreen
ShowWindow
ReplyMessage
AnyPopup
ShowScrollBar
IntersectRect
SetWindowsHookA
IsWindowEnabled
GetInputState
GrayStringA
GetAsyncKeyState

gdi32

AnimatePalette
GetBoundsRect
SetMapperFlags
GetFontLanguageInfo
GetDIBits
GetOutlineTextMetricsA
CopyMetaFileW
GetObjectW
GetCharWidthFloatW
GetDIBColorTable
CreateCompatibleDC
PolylineTo
RectVisible
GdiFlush
GetLogColorSpaceA
EndPath
FillPath
PlayEnhMetaFile
Chord
GetGlyphOutlineA
PatBlt
GetTextFaceW
GetTextMetricsW
PolyBezier

comdlg32

GetOpenFileNameA
GetFileTitleW
PrintDlgW
PageSetupDlgA

advapi32

CryptAcquireContextA
CryptEnumProvidersW
SetFileSecurityA
GetSecurityDescriptorGroup
CreatePrivateObjectSecurity
GetServiceKeyNameW
CryptDeriveKey
StartServiceW
CryptDestroyHash
GetMultipleTrusteeW
GetSidLengthRequired
AdjustTokenPrivileges
OpenEventLogA
RegisterServiceCtrlHandlerA
LookupPrivilegeDisplayNameW
InitializeAcl
CryptGetDefaultProviderA
RegSetValueA
BuildExplicitAccessWithNameW
QueryServiceConfigW
IsValidSid
SetAclInformation
SetTokenInformation
RegisterEventSourceA
GetAce
GetAclInformation
GetCurrentHwProfileW
RegConnectRegistryW
RegUnLoadKeyW
GetTrusteeNameA
AreAllAccessesGranted
RegEnumValueA

shell32

ShellAboutA
SHQueryRecycleBinW
DragQueryPoint
CommandLineToArgvW
SHInvokePrinterCommandW
ShellExecuteExA
SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHGetDataFromIDListW
FindExecutableW
Shell_NotifyIconA
Shell_NotifyIconW
DragAcceptFiles

msvcrt

_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__set_app_type

Sections

.text
Size: 266KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pyznyhef
Size: 65B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pycshqyy
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84125f655c6a0364bc654c92cebaccf3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 266KB - Virtual size: 268KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 8KB

pyznyhef Size: 65B - Virtual size: 4KB

pycshqyy Size: 512B - Virtual size: 4KB

.text
Size: 266KB - Virtual size: 268KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 8KB

pyznyhef
Size: 65B - Virtual size: 4KB

pycshqyy
Size: 512B - Virtual size: 4KB