Static task
static1
Behavioral task
behavioral1
Sample
bf44a100910121ae6dfad93410a27322_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bf44a100910121ae6dfad93410a27322_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: bf44a100910121ae6dfad93410a27322_JaffaCakes118
Size: 256KB
MD5: bf44a100910121ae6dfad93410a27322
SHA1: 429d1e35d3fb950dde6f526502ca1622268fb1f1
SHA256: 41fe2c1cdc9909d2b6dc0bfc02b57a3d632331ae256efde84bf3a5bf120b528e
SHA512: dafcb40a9b73dd3d891bc4c570a01819fdbf5594ed57efb35fa52a1c9d8da95a14882f579febbcb6538d452e0d3a97928fc64b2431f69818e9a182edd174258d
SSDEEP: 6144:FcK1vjQM3tXRbAx0vguTfmNglU6o91t+wz8:FcejQyXRcavguTfmwU6oDswI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bf44a100910121ae6dfad93410a27322_JaffaCakes118
Files
bf44a100910121ae6dfad93410a27322_JaffaCakes118.exe windows:4 windows x86 arch:x86
ef55732bf0efa3fbe70c39a9feb440c6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetThreadContext
lstrcpyA
VirtualProtect
LocalLock
GetModuleHandleA
DeleteFiber
FormatMessageA
ReadConsoleA
OpenFile
CreateDirectoryExA
GetFileAttributesA
LoadLibraryExA
LeaveCriticalSection
SetStdHandle
lstrcmpiW
VirtualAllocEx
VirtualLock
IsBadWritePtr
IsValidLocale
ReadConsoleInputW
FileTimeToLocalFileTime
GetSystemTimeAdjustment
LocalSize
IsProcessorFeaturePresent
VirtualQuery
GetComputerNameW
GetLargestConsoleWindowSize
GetSystemDefaultLangID
PeekNamedPipe
SetLastError
CreateWaitableTimerA
ScrollConsoleScreenBufferA
SwitchToFiber
WritePrivateProfileStringW
GlobalFindAtomW
EnumCalendarInfoA
CreateDirectoryW
FormatMessageW
WriteProcessMemory
lstrcmpA
TryEnterCriticalSection
GetStartupInfoA
CreateNamedPipeW
UnmapViewOfFile
ExitProcess
CreatePipe
lstrlenA
GetVersionExA
VirtualAlloc
user32
MessageBoxIndirectW
CreateIcon
SetPropA
GetMessageExtraInfo
LoadKeyboardLayoutA
EnumDisplaySettingsExW
IsClipboardFormatAvailable
GetWindowRgn
GetUserObjectSecurity
RemovePropW
DialogBoxIndirectParamA
GetMessageTime
GetClipCursor
GetDCEx
SystemParametersInfoA
InvalidateRect
PostMessageA
GetActiveWindow
GetKeyboardType
ScrollWindowEx
ArrangeIconicWindows
GetNextDlgTabItem
TileWindows
GetKeyboardLayoutList
IntersectRect
EnumChildWindows
DialogBoxIndirectParamW
EndDialog
IsDlgButtonChecked
GetScrollInfo
CountClipboardFormats
GetClassLongW
CharLowerBuffW
GetMenuCheckMarkDimensions
GetSubMenu
ChildWindowFromPointEx
ShowOwnedPopups
SetWindowsHookW
IsDialogMessageW
ToUnicodeEx
InvalidateRgn
gdi32
PlayEnhMetaFileRecord
ScaleViewportExtEx
SetBitmapDimensionEx
OffsetViewportOrgEx
GetWindowOrgEx
StretchDIBits
comdlg32
FindTextA
GetFileTitleW
CommDlgExtendedError
advapi32
CryptReleaseContext
LockServiceDatabase
DuplicateTokenEx
CryptDestroyKey
CryptGenRandom
RegisterServiceCtrlHandlerA
SetNamedSecurityInfoA
RegRestoreKeyA
CryptSignHashW
CloseEventLog
GetExplicitEntriesFromAclW
BuildTrusteeWithSidW
ReadEventLogW
LogonUserA
ClearEventLogW
RegQueryValueExA
RegOpenKeyW
RegDeleteValueW
RegQueryInfoKeyA
AccessCheckAndAuditAlarmA
ObjectCloseAuditAlarmA
AddAce
RegOpenKeyExA
GetFileSecurityA
CryptGetKeyParam
SetNamedSecurityInfoW
RegGetKeySecurity
StartServiceW
RegEnumValueA
EnumDependentServicesW
IsValidSid
ReportEventA
CreateServiceA
shell32
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHFileOperationA
ole32
OleBuildVersion
OleGetIconOfClass
oleaut32
LoadTypeLibEx
SafeArrayCreate
SafeArrayGetLBound
comctl32
ImageList_AddMasked
shlwapi
SHCopyKeyW
UrlCreateFromPathW
SHRegOpenUSKeyW
StrRChrW
msvcrt
__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__set_app_type
_except_handler3
_controlfp
__p__commode
Sections
.text Size: 236KB - Virtual size: 232KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE