bff95dd6271f2264be4c68fcb3469119_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bff95dd6271f2264be4c68fcb3469119_JaffaCakes118
Size

737KB
MD5

bff95dd6271f2264be4c68fcb3469119
SHA1

c68f9b902e8a1611c84102d7833c64477e8775ca
SHA256

b9e07a63ee8cc81d3b8da97a578b6dcdf6af2aab487f7f06bc82101e465f6a48
SHA512

65269a0baf888071e520cb89147c176e4959f187ad81778253803db4ab42b667e3f339bbda91641efa2a9f592adf69a622894eaf14dcc78cd7e31f7e5d1a6144
SSDEEP

12288:aLDhJ1Cgf2s4h308lruBAc4Vo/O9SSfphdNpjNbOS37y+BrpS22suIHMTKlo7JTV:C/tJAkuYNWo/OcCNJnL5r12suQMTioN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bff95dd6271f2264be4c68fcb3469119_JaffaCakes118

Files

bff95dd6271f2264be4c68fcb3469119_JaffaCakes118
.exe windows:6 windows x86 arch:x86

2e5f10fb048c4799cc54091b7e1975e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLongPathNameW
lstrcpynA
GetMailslotInfo
IsDebuggerPresent
_hread
CreateHardLinkA
WritePrivateProfileSectionA
SetCalendarInfoA
CreateSemaphoreA
IsBadStringPtrA
GetSystemTimeAsFileTime
GetPrivateProfileSectionNamesA
CommConfigDialogW
GetComputerNameExA
ReadFileScatter
FindVolumeClose
SetFilePointerEx
FindNextVolumeA
CreateMailslotW
SizeofResource
OpenSemaphoreA
TlsAlloc
GetCommState
GetCurrentProcess
GlobalUnfix
lstrcmpA
ExpandEnvironmentStringsW
SetProcessWorkingSetSize
SetDefaultCommConfigA
MoveFileA
GetPrivateProfileSectionNamesW
FindFirstVolumeMountPointW
LocalLock
GetLocalTime
DefineDosDeviceA
lstrcpyA
GetComputerNameExW
GetProcessTimes
FindNextVolumeMountPointW
GlobalUnlock
CompareFileTime
GetExitCodeThread
LockFileEx
SetVolumeMountPointW
FlushFileBuffers
GetCPInfo
GetHandleInformation
CreateEventA
CreateJobObjectA
ReleaseSemaphore
GetUserDefaultUILanguage
InitAtomTable
OpenFileMappingA
TlsGetValue
GetProcessAffinityMask
GetDefaultCommConfigW
GetFileType
IsProcessorFeaturePresent
CreateMailslotA
SetSystemTimeAdjustment
GetProfileIntW
MoveFileExA
EnumResourceLanguagesA
GetProcessPriorityBoost
GetLogicalDrives
SetLocaleInfoW
GetSystemDefaultLCID
FindResourceExA
SetEnvironmentVariableA
FindNextChangeNotification
QueueUserAPC
CreateFileA
GlobalFree
GlobalSize
WaitNamedPipeW
GetThreadLocale
GetSystemTimeAdjustment
SetThreadLocale
GetProfileStringW
lstrcpyW
GetCommandLineW
RtlUnwind
ExitProcess
IsBadCodePtr
CreateMutexW
GetUserDefaultLCID
RemoveDirectoryA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCompressedFileSizeW
GetDevicePowerState
OpenFileMappingW
GetLastError
GetEnvironmentVariableA
GetComputerNameA
FlushViewOfFile
SetStdHandle

shlwapi

PathAppendA
PathCombineA

comctl32

InitCommonControlsEx

user32

GetKeyState
LoadCursorW
GetParent
DrawTextW
SetDlgItemTextW
PtInRect
MoveWindow
PostMessageW
DialogBoxParamW
EndDialog
SetTimer
LoadBitmapW
DrawMenuBar
DispatchMessageW
CheckRadioButton
GetDesktopWindow
LoadStringA
GetWindowPlacement
FrameRect
EnableMenuItem
DefWindowProcW
InvertRect
EndPaint
SetRect
RegisterClassW
LoadStringW
DestroyWindow
InvalidateRect
CreateWindowExW
LoadIconW
GetMessageW
PostQuitMessage
GetSubMenu
FillRect
TranslateAcceleratorW
BeginPaint
GetDlgItemTextW
WaitMessage
MessageBoxA
GetClientRect
ReleaseDC
GetDlgItem
WinHelpW
OffsetRect
SendMessageW
GetWindowRect
GetMenu
UnionRect
IsZoomed
IsDlgButtonChecked
LoadAcceleratorsW
ShowWindow
TranslateMessage
CheckDlgButton
SetCapture
GetForegroundWindow
GetSystemMetrics
IsIconic
UpdateWindow
IntersectRect
MessageBoxW
ReleaseCapture
wsprintfW
GetDC
PeekMessageW

advapi32

RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExW

Sections

.text
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e5f10fb048c4799cc54091b7e1975e5

Headers

File Characteristics

Imports

kernel32

shlwapi

comctl32

user32

advapi32

Sections

.text Size: 291KB - Virtual size: 290KB

.data Size: 244KB - Virtual size: 596KB

.rdata Size: 10KB - Virtual size: 9KB

.rsrc Size: 182KB - Virtual size: 182KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 291KB - Virtual size: 290KB

.data
Size: 244KB - Virtual size: 596KB

.rdata
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 182KB - Virtual size: 182KB

.reloc
Size: 8KB - Virtual size: 8KB