af06b01f936447696273c3ca0dc9e557_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

af06b01f936447696273c3ca0dc9e557_JaffaCakes118
Size

3.7MB
MD5

af06b01f936447696273c3ca0dc9e557
SHA1

f8fcb75e4d49c2997d6ceb6d60375aa966a9fa48
SHA256

e46559237d4e21cac64d8a683a68d3e6f6e467299a3942fff2b7bc694fc86d86
SHA512

8a85fbe390419b1dd573adffe05dafbcd17f28db248a46a8cc6e3fb89818733d8acbc8e5e0c6aafcb0744656185d7399bc7188dea11f14610e48590cc820a77c
SSDEEP

98304:grEUFwQVshXogZowA+89udn+BUpMfIzxsE30p5Ussqlbgbt:PIwQVshX989E+CpMSxp+TsqlbEt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af06b01f936447696273c3ca0dc9e557_JaffaCakes118

Files

af06b01f936447696273c3ca0dc9e557_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c24ab30670640d316007448bdc26635c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

FindExecutableW
SHAddToRecentDocs

user32

FindWindowExW
DrawEdge
MapDialogRect
SendMessageW
GetSubMenu
LoadIconA
InsertMenuW
IsMenu
SetActiveWindow
RegisterClassW
ModifyMenuA
LoadMenuA
LoadStringA
GetMenuItemInfoA
UnregisterDeviceNotification
ActivateKeyboardLayout
SetProcessDefaultLayout
SwitchToThisWindow

advapi32

LookupAccountSidA
RegOpenKeyA
AllocateLocallyUniqueId
GetSecurityDescriptorGroup
FreeSid
CopySid
QueryServiceStatus
SetNamedSecurityInfoW
AddAccessDeniedAce
LockServiceDatabase

gdi32

SetDIBits
SetPolyFillMode
GetROP2
SetWindowOrgEx

kernel32

SetConsoleTitleA
LoadLibraryExA
GetCurrentProcess
OpenMutexA
RaiseException
GetOEMCP
GetShortPathNameW
SetCommTimeouts
GetTapeParameters
LeaveCriticalSection
SuspendThread
GlobalAddAtomW
EndUpdateResourceA
SetProcessWorkingSetSize
GetOverlappedResult
EnumSystemCodePagesA
GetSystemTime
TlsGetValue
IsProcessorFeaturePresent
EnumResourceNamesA
RemoveDirectoryA
ExitProcess
GlobalFlags
VirtualQuery
DosDateTimeToFileTime
CreateMutexW
OutputDebugStringA
ScrollConsoleScreenBufferA
SizeofResource
LCMapStringA
CreatePipe
GetLargestConsoleWindowSize
GetProcessTimes
PeekNamedPipe
EnumCalendarInfoW
GetDriveTypeA
VirtualProtect
FormatMessageW
ReadFile
SetCurrentDirectoryA
SetConsoleActiveScreenBuffer
FatalAppExitA
ReadFileScatter
lstrcpynA
SetVolumeLabelA

msvcrt

_putws
_snprintf
atol
localtime
_wstrtime
iswalpha
iswspace
swprintf
iswcntrl

Sections

.text
Size: 5KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c24ab30670640d316007448bdc26635c

Headers

File Characteristics

Imports

shell32

user32

advapi32

gdi32

kernel32

msvcrt

Sections

.text Size: 5KB - Virtual size: 224KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 5KB - Virtual size: 224KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 19KB - Virtual size: 18KB