adf801ea4db7d2816469bfc1ec3f3702_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

adf801ea4db7d2816469bfc1ec3f3702_JaffaCakes118
Size

2.1MB
MD5

adf801ea4db7d2816469bfc1ec3f3702
SHA1

e147b3fa2c70b0da26035c9b545bae5c68aadb7d
SHA256

8ef454607867e42fcf8be06e3612067951f318de140aec9da84479ac7f4c2252
SHA512

2c954068123b3f92156d64161211bbf645ad6a60a6edca319c2c6a0335ce0c6516d388e62d7bd579e3276e5d8355b693e2941098a0fec22f9fffd9ea3e504ab8
SSDEEP

49152:0XxnOEGL+SzJnYQbjy0hO6DybU6aoY3aoAxeI:0hOZ+SzJYQPy0hO6OoZoMaoDI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adf801ea4db7d2816469bfc1ec3f3702_JaffaCakes118

Files

adf801ea4db7d2816469bfc1ec3f3702_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
VirtualQueryEx
EnumResourceLanguagesW
UnhandledExceptionFilter
GlobalReAlloc
GetTapeStatus
GetVolumeInformationW
VirtualFree
GetThreadContext
ConnectNamedPipe
SetThreadLocale
TryEnterCriticalSection
SetSystemTime
CreateEventA
CreateDirectoryA
EndUpdateResourceA
EnumResourceNamesA
LocalLock
SwitchToFiber
UnmapViewOfFile
AreFileApisANSI
LocalReAlloc
PeekConsoleInputW
GetNumberFormatW
GetProcessTimes
OpenFile
GetDateFormatA
EnumDateFormatsW
FreeLibraryAndExitThread
EnumSystemCodePagesA
FindResourceExA
IsDBCSLeadByteEx
SetConsoleActiveScreenBuffer
SetCommMask
RaiseException
LoadLibraryExW
GetAtomNameA
GlobalFlags
GetCurrentDirectoryW
IsProcessorFeaturePresent
CreateDirectoryW
GetSystemDefaultLangID
GetTimeZoneInformation
GetBinaryTypeW
GetHandleInformation
VirtualProtect
GlobalUnlock
WritePrivateProfileSectionA
GlobalFindAtomA
FreeEnvironmentStringsA
LeaveCriticalSection
GetModuleHandleA
SetLastError
GetProcessHeap
ReleaseSemaphore
FillConsoleOutputCharacterA
FreeLibrary
SetTimeZoneInformation
GetTempFileNameA
SetNamedPipeHandleState
FindFirstFileExW
FlushConsoleInputBuffer
GetOverlappedResult
WriteConsoleOutputW
OpenSemaphoreW
lstrcatW
GetCommState
lstrcmpA
IsBadReadPtr
SuspendThread
GetCommandLineW
ExitProcess

user32

DispatchMessageW
CreateAcceleratorTableW
EnumDisplaySettingsExW
SendNotifyMessageA
DefFrameProcW
SetPropA
ToUnicode
GrayStringA
GetNextDlgTabItem
RedrawWindow
ChildWindowFromPoint
ChildWindowFromPointEx
CharToOemW
ChangeClipboardChain
GetWindow
GetMenuStringA
GetMenuInfo
GetUserObjectInformationW
GetShellWindow
ModifyMenuW
CreateDialogParamW
ShowWindow
NotifyWinEvent
BroadcastSystemMessageW
SetPropW

gdi32

CreateHatchBrush
GetMetaFileBitsEx
GetCharWidth32A
CreateDiscardableBitmap
GetTextCharacterExtra
EnumFontFamiliesExA
SetSystemPaletteUse
BitBlt
ExtCreatePen
GetBkColor
EnumFontFamiliesExW
GetBkMode
PolyPolyline
GetCurrentPositionEx
StartPage
DescribePixelFormat

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyW
GetAclInformation
InitializeSid
RegRestoreKeyW
CreateServiceW
CryptVerifySignatureA
MakeSelfRelativeSD
FreeSid
RegisterServiceCtrlHandlerA
CryptAcquireContextW

shell32

ShellExecuteA

ole32

CoLockObjectExternal
OleLockRunning
OleCreateFromData
ReadClassStg
ProgIDFromCLSID
RevokeDragDrop
ReadFmtUserTypeStg
CoMarshalInterface

oleaut32

SafeArrayPutElement
LoadTypeLi
VariantCopy
SafeArrayCreate

comctl32

ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_GetImageCount

shlwapi

PathIsSameRootW
PathGetDriveNumberA
StrCmpNA
PathUndecorateW
StrCatW
HashData
PathStripPathA
SHSetThreadRef
StrRStrIW
PathRemoveBlanksA
StrFormatByteSize64A
PathParseIconLocationW
PathUnquoteSpacesA
UrlApplySchemeW
PathIsPrefixW
SHRegWriteUSValueW
StrRetToStrW
UrlCombineW

Sections

.text
Size: 6KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 6KB - Virtual size: 222KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 222KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB