Static task: static1
Behavioral task: behavioral1
Sample: bb1864a370611ceaeb942ec6847750ad_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: bb1864a370611ceaeb942ec6847750ad_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bb1864a370611ceaeb942ec6847750ad_JaffaCakes118
Size: 909KB
MD5: bb1864a370611ceaeb942ec6847750ad
SHA1: 2d5756cd3d4faba47b67d6b82e9750a32b08e36f
SHA256: 738a115cb822fd064b55366c74e8c2767deb06159e5255e3f58db429ddc0b1b2
SHA512: 404e9be8ce6e1145e66f82ed7c1d2703b6b536f5c256dc57047bb58dc62f7b2566162e02f258a7e448056c6ac48453f0b85ba29a9e8b6eafa6162eb497b51b6f
SSDEEP: 12288:Pc6Qxcq0yoG74mGXWEfWo//Gb1ITkEbGb0ydYyJmjzYUzvODXFOni8HiV8Sp:Pm0g9EWYHy1Ij5ygjVKDXSyn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bb1864a370611ceaeb942ec6847750ad_JaffaCakes118
Files
bb1864a370611ceaeb942ec6847750ad_JaffaCakes118.exe windows:4 windows x86 arch:x86
10d69604677a3645683a5a1f2a3bc061
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLastError
GetTempPathW
GetLongPathNameA
GetConsoleCursorInfo
CopyFileExW
GetCurrentProcessId
GetSystemTime
VirtualLock
IsDBCSLeadByteEx
PulseEvent
Beep
GetBinaryTypeA
GetProfileStringA
GetConsoleMode
SetupComm
CloseHandle
WriteProcessMemory
GetDateFormatA
CreateWaitableTimerA
FindCloseChangeNotification
GlobalAddAtomW
SetProcessAffinityMask
RaiseException
ExpandEnvironmentStringsW
WriteFile
MoveFileW
GetEnvironmentStringsW
_lclose
EnumTimeFormatsW
EnumCalendarInfoW
SwitchToFiber
SetCommTimeouts
FreeEnvironmentStringsA
GetComputerNameW
GetStringTypeExW
SetEnvironmentVariableW
CreatePipe
GetSystemDirectoryW
ClearCommBreak
VirtualProtect
GetOverlappedResult
WritePrivateProfileSectionW
GlobalFree
GetDriveTypeW
SetEvent
SizeofResource
GetHandleInformation
lstrcpynA
EnumResourceNamesW
CreateFileW
FindResourceExA
SetErrorMode
GetFileType
SearchPathW
LocalSize
FormatMessageA
FormatMessageW
GetProcessTimes
EnumResourceLanguagesW
GetCommState
SetMailslotInfo
WriteConsoleOutputCharacterA
WriteConsoleOutputW
FatalAppExitA
AllocConsole
ReadFileScatter
GlobalUnlock
GetModuleHandleA
GetTapeStatus
GetProcessHeap
ScrollConsoleScreenBufferA
TryEnterCriticalSection
GlobalFindAtomA
ReadConsoleInputW
SetSystemTime
InitializeCriticalSection
SetThreadLocale
MultiByteToWideChar
GlobalFindAtomW
SetFileAttributesA
GetCurrentProcess
GetVersion
GetSystemDefaultLangID
ExitProcess
user32
CharPrevA
DialogBoxIndirectParamW
SetUserObjectSecurity
CharLowerA
GrayStringA
DrawMenuBar
LoadAcceleratorsA
DefMDIChildProcA
CharUpperBuffA
DrawTextExA
TrackMouseEvent
wsprintfA
GetScrollRange
DeleteMenu
UnionRect
CreateMenu
SetCapture
GetPropW
GetDC
gdi32
BitBlt
ExcludeClipRect
CreateICW
GetCharacterPlacementA
EnumFontFamiliesW
CreateFontA
GetGlyphOutlineW
comdlg32
PrintDlgW
PageSetupDlgA
ChooseFontA
advapi32
CopySid
EnumServicesStatusA
GetAce
GetPrivateObjectSecurity
AccessCheck
RegisterServiceCtrlHandlerW
SetPrivateObjectSecurity
ImpersonateSelf
CloseEventLog
RegSetValueW
RegSetValueA
RegConnectRegistryW
shell32
ShellExecuteA
FindExecutableW
SHFileOperationW
Shell_NotifyIconA
ExtractIconExW
SHGetSpecialFolderLocation
ole32
StgOpenStorage
ReadClassStg
CoImpersonateClient
PropVariantCopy
CreateStreamOnHGlobal
StringFromGUID2
OleConvertIStorageToOLESTREAM
CoFreeAllLibraries
CoCreateInstanceEx
oleaut32
QueryPathOfRegTypeLi
LoadTypeLi
comctl32
ImageList_GetIconSize
ImageList_SetOverlayImage
shlwapi
StrRChrA
PathIsNetworkPathW
StrStrW
PathIsPrefixW
PathFileExistsA
PathStripPathA
PathRemoveArgsW
PathRemoveBackslashA
Sections
.text Size: 2KB - Virtual size: 209KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 568KB - Virtual size: 567KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ