b3531046d8f9b6cc9de687fc0e4339f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b3531046d8f9b6cc9de687fc0e4339f0_JaffaCakes118
Size

284KB
MD5

b3531046d8f9b6cc9de687fc0e4339f0
SHA1

071c39e5614bb7880b769587096d7f7ea23a3379
SHA256

969c8833f8d4af4e1bf64a92ea914acd50f092e5521d4b6b3ee6ae2675c254d0
SHA512

bb94911999bb6438abb9dc03af90cbec62cbaad05ae3125f82640b0a9e53a73ef0201a977b29f6a964778653fb54dc6e953ff1da68629cfff6a9253a1215c592
SSDEEP

6144:cys0S/YE8VBG+aCA07iD9nG6tDrJfm97I3oefMvuqxxcNbOg0iCpiQ4/:zS/YywvwES3FmhIUGqxqNbeigU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3531046d8f9b6cc9de687fc0e4339f0_JaffaCakes118

Files

b3531046d8f9b6cc9de687fc0e4339f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

834bf9ede985269d83bcff3d313ed0d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TransactNamedPipe
FindAtomA
SetHandleInformation
GetNamedPipeHandleStateW
SetConsoleWindowInfo
FormatMessageA
lstrcpynA
SetCurrentDirectoryA
FreeLibrary
GetVersionExA
GetStringTypeA
GetFileAttributesW
lstrlenA
MoveFileExW
SetProcessPriorityBoost
GetCommTimeouts
TlsFree
LoadLibraryA
SetComputerNameW
IsValidLocale
OpenWaitableTimerW
ReadDirectoryChangesW
Heap32ListFirst
GlobalUnWire
IsDBCSLeadByte
GetDiskFreeSpaceA
CreateSemaphoreW
GetCurrentDirectoryW
SetUnhandledExceptionFilter
SetErrorMode
Heap32ListNext
GetModuleHandleA
GetNamedPipeHandleStateA
GetExitCodeProcess
GetProcessWorkingSetSize
ReadFileEx
CreateWaitableTimerA
GlobalFlags
GetCompressedFileSizeW
GetTempPathA
GetStartupInfoA
lstrcmpiW
LocalFileTimeToFileTime
ExitProcess
CopyFileExW
HeapCompact
WriteProcessMemory
GetWriteWatch
CancelIo

user32

SetDebugErrorLevel
GetKeyboardType
GetUserObjectInformationW
GetLastActivePopup
GetIconInfo
SendNotifyMessageW
IsCharAlphaA
IsCharLowerW
EnumWindowStationsW
RegisterClassExW
SetClipboardData
SendMessageW
EnumDesktopsA
GetClientRect
DragDetect
HiliteMenuItem
LoadImageW
ScreenToClient
OemToCharBuffW
CheckMenuItem
CharUpperBuffA
GetMenu
BeginDeferWindowPos
SetRectEmpty
CreateIconFromResourceEx
DeferWindowPos
GetMenuCheckMarkDimensions
IntersectRect
GetTabbedTextExtentW
IsClipboardFormatAvailable
GetDlgItem
SetWindowPlacement
RemoveMenu
GetWindowPlacement
DefWindowProcW
MessageBoxA
DrawStateW
LoadAcceleratorsW
EmptyClipboard
UnhookWindowsHook
SetScrollInfo
DestroyIcon
CheckDlgButton
ShowCursor
UnregisterClassA
RegisterClassA
GetCursorPos
SetCursor
DestroyCaret
GetClassNameW
GetDoubleClickTime
SetWindowLongA
SetCursorPos
GetDialogBaseUnits
wvsprintfW
SubtractRect
DlgDirListComboBoxW
SetThreadDesktop

gdi32

TextOutW
GetViewportOrgEx
OffsetRgn
GetEnhMetaFilePaletteEntries
EnumFontFamiliesExA
CloseEnhMetaFile
GetCharWidthFloatA
GetNearestColor
CreateScalableFontResourceW
StretchDIBits
SetPixelV
SetROP2
CreateCompatibleBitmap
CreatePenIndirect
Ellipse
GetRasterizerCaps
SetMapperFlags
PlayMetaFile
ExtEscape
GetTextExtentPointW
CopyEnhMetaFileW
ResizePalette
CreateHatchBrush

comdlg32

ChooseColorW

advapi32

PrivilegedServiceAuditAlarmA
AddAuditAccessAce
SetServiceBits
GetUserNameA
LookupAccountSidA
LookupPrivilegeNameW
ObjectPrivilegeAuditAlarmA
ReadEventLogW
EnumServicesStatusA
ReportEventA
FindFirstFreeAce
CryptDuplicateKey
RegCreateKeyW
MakeSelfRelativeSD
GetAce
LookupPrivilegeValueW
RegLoadKeyW
RevertToSelf
LookupAccountNameA
ReadEventLogA
LookupPrivilegeNameA
CryptContextAddRef
RegOpenKeyA
EqualPrefixSid
OpenThreadToken
QueryServiceObjectSecurity
CryptSetProviderExA
AbortSystemShutdownW
RegConnectRegistryA
RegReplaceKeyW

shell32

SHEmptyRecycleBinA
SHGetPathFromIDListW
SHAppBarMessage
SHGetFileInfoA
ShellExecuteExA
DoEnvironmentSubstW
SHGetDataFromIDListW
SHBrowseForFolderW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strlen

Sections

.text
Size: 265KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

c9segivw
Size: 93B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7694748k
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

834bf9ede985269d83bcff3d313ed0d0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 265KB - Virtual size: 268KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 11KB - Virtual size: 12KB

c9segivw Size: 93B - Virtual size: 4KB

7694748k Size: 512B - Virtual size: 4KB

.text
Size: 265KB - Virtual size: 268KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 11KB - Virtual size: 12KB

c9segivw
Size: 93B - Virtual size: 4KB

7694748k
Size: 512B - Virtual size: 4KB