b372d6882fec4474b16e3a73e0ac2336_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b372d6882fec4474b16e3a73e0ac2336_JaffaCakes118
Size

2.1MB
MD5

b372d6882fec4474b16e3a73e0ac2336
SHA1

faad420f19db3fe921486d014777d1ec51a2dce3
SHA256

ccb44fb2445074a4cf15833b657f4b3b7e4bdc50aaa91c6c8355b965d43157c4
SHA512

1a461c70398e62832b6fb22f4b91fa2ae74ba048d19d12c2400c97625fb8593c30fb890f3507439a93b139227d725f1281ffdee0af3fa401823fa8a7c8aa39f6
SSDEEP

49152:0XxnOEGL+SzJnYQbjy0hO6DybU6aoY3C9spE8Wp8a:0hOZ+SzJYQPy0hO6OoZoMC9D8a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b372d6882fec4474b16e3a73e0ac2336_JaffaCakes118

Files

b372d6882fec4474b16e3a73e0ac2336_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
VirtualQueryEx
EnumResourceLanguagesW
UnhandledExceptionFilter
GlobalReAlloc
GetTapeStatus
GetVolumeInformationW
VirtualFree
GetThreadContext
ConnectNamedPipe
SetThreadLocale
TryEnterCriticalSection
SetSystemTime
CreateEventA
CreateDirectoryA
EndUpdateResourceA
EnumResourceNamesA
LocalLock
SwitchToFiber
UnmapViewOfFile
AreFileApisANSI
LocalReAlloc
PeekConsoleInputW
GetNumberFormatW
GetProcessTimes
OpenFile
GetDateFormatA
EnumDateFormatsW
FreeLibraryAndExitThread
EnumSystemCodePagesA
FindResourceExA
IsDBCSLeadByteEx
SetConsoleActiveScreenBuffer
SetCommMask
RaiseException
LoadLibraryExW
GetAtomNameA
GlobalFlags
GetCurrentDirectoryW
IsProcessorFeaturePresent
CreateDirectoryW
GetSystemDefaultLangID
GetTimeZoneInformation
GetBinaryTypeW
GetHandleInformation
VirtualProtect
GlobalUnlock
WritePrivateProfileSectionA
GlobalFindAtomA
FreeEnvironmentStringsA
LeaveCriticalSection
GetModuleHandleA
SetLastError
GetProcessHeap
ReleaseSemaphore
FillConsoleOutputCharacterA
FreeLibrary
SetTimeZoneInformation
GetTempFileNameA
SetNamedPipeHandleState
FindFirstFileExW
FlushConsoleInputBuffer
GetOverlappedResult
WriteConsoleOutputW
OpenSemaphoreW
lstrcatW
GetCommState
lstrcmpA
IsBadReadPtr
SuspendThread
GetCommandLineW
ExitProcess

user32

DispatchMessageW
CreateAcceleratorTableW
EnumDisplaySettingsExW
SendNotifyMessageA
DefFrameProcW
SetPropA
ToUnicode
GrayStringA
GetNextDlgTabItem
RedrawWindow
ChildWindowFromPoint
ChildWindowFromPointEx
CharToOemW
ChangeClipboardChain
GetWindow
GetMenuStringA
GetMenuInfo
GetUserObjectInformationW
GetShellWindow
ModifyMenuW
CreateDialogParamW
ShowWindow
NotifyWinEvent
BroadcastSystemMessageW
SetPropW

gdi32

CreateHatchBrush
GetMetaFileBitsEx
GetCharWidth32A
CreateDiscardableBitmap
GetTextCharacterExtra
EnumFontFamiliesExA
SetSystemPaletteUse
BitBlt
ExtCreatePen
GetBkColor
EnumFontFamiliesExW
GetBkMode
PolyPolyline
GetCurrentPositionEx
StartPage
DescribePixelFormat

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyW
GetAclInformation
InitializeSid
RegRestoreKeyW
CreateServiceW
CryptVerifySignatureA
MakeSelfRelativeSD
FreeSid
RegisterServiceCtrlHandlerA
CryptAcquireContextW

shell32

ShellExecuteA

ole32

CoLockObjectExternal
OleLockRunning
OleCreateFromData
ReadClassStg
ProgIDFromCLSID
RevokeDragDrop
ReadFmtUserTypeStg
CoMarshalInterface

oleaut32

SafeArrayPutElement
LoadTypeLi
VariantCopy
SafeArrayCreate

comctl32

ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_GetImageCount

shlwapi

PathIsSameRootW
PathGetDriveNumberA
StrCmpNA
PathUndecorateW
StrCatW
HashData
PathStripPathA
SHSetThreadRef
StrRStrIW
PathRemoveBlanksA
StrFormatByteSize64A
PathParseIconLocationW
PathUnquoteSpacesA
UrlApplySchemeW
PathIsPrefixW
SHRegWriteUSValueW
StrRetToStrW
UrlCombineW

Sections

.text
Size: 6KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 6KB - Virtual size: 222KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 222KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB