c0d9d607b44572086e19f6295bc7be03_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c0d9d607b44572086e19f6295bc7be03_JaffaCakes118
Size

296KB
MD5

c0d9d607b44572086e19f6295bc7be03
SHA1

36aa31dad1be1c56106971b6dbf2679c58c7a6c3
SHA256

ba7f1dc9df103563f38bae08f6a8c7fdff0768009bd0fd6021e8cb0c17a91448
SHA512

f11d1717f6243fc10d86df4fb34398923eee4ba415071c04f1d8eaf7ed8a6a27d3478af17a8e7b3ce24e434c23b73aff1ef1a9d0d96352211b9cb4ee3360dd6e
SSDEEP

6144:UrDBOi5HinCGkJ6tB6aYZGfqjb40uwvQRjElV8d/nTN+wl4bdWLLu:q1mJBL7q3zvQ1GV8dZ6cLL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0d9d607b44572086e19f6295bc7be03_JaffaCakes118

Files

c0d9d607b44572086e19f6295bc7be03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69a54ca3026cdbb93dbc89b269e368dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocalTime
GetSystemDirectoryW
CreateFileMappingA
TerminateProcess
LocalReAlloc
GetPrivateProfileIntW
GetSystemInfo
WritePrivateProfileStructA
ReadConsoleOutputW
EnumDateFormatsW
GlobalAlloc
UnhandledExceptionFilter
GetDateFormatA
GetProfileStringA
ScrollConsoleScreenBufferA
CreateSemaphoreW
CreateRemoteThread
SetPriorityClass
WinExec
GetOverlappedResult
GetTapeStatus
GetUserDefaultLangID
GetDateFormatW
SetCommBreak
GetCommProperties
SetTapePosition
CompareStringA
IsBadWritePtr
SwitchToFiber
GetConsoleTitleA
DeleteFileW
LockResource
SetConsoleTitleA
ClearCommError
GetEnvironmentStrings
HeapFree
SetConsoleWindowInfo
GetStringTypeExA
SystemTimeToTzSpecificLocalTime
FlushInstructionCache
UnlockFileEx
SetMailslotInfo
GetStringTypeA
Sleep
OpenFileMappingW
lstrcpynA
SetThreadPriority
CreateWaitableTimerA
FindResourceA
GetCurrentDirectoryW
WriteConsoleOutputW
GetPrivateProfileSectionW
CreateDirectoryA
CreateMailslotW
GlobalDeleteAtom
GetProcessTimes
lstrcmpA
lstrlenA
SetEnvironmentVariableW
CompareFileTime
DeleteFiber
IsBadCodePtr
BackupRead
PrepareTape
GetACP
lstrcpyW
LCMapStringA
GetVersion
GetVersionExW
GetFileSize
EnumSystemCodePagesW
FormatMessageW
GlobalFlags
EnumSystemLocalesA
GlobalMemoryStatus
RaiseException
CopyFileA
InterlockedDecrement
ReleaseSemaphore
WaitForMultipleObjects
IsDBCSLeadByteEx
VirtualAllocEx
EnumResourceNamesW
TlsSetValue
VirtualLock
SetHandleCount
SetConsoleMode
ReadFile
GetPrivateProfileIntA
UnmapViewOfFile
CopyFileExW
FindResourceW
VirtualQuery
GetSystemTime
SetCommState
ExitThread
SetTapeParameters
WritePrivateProfileStringA
GetModuleHandleA
SetCurrentDirectoryA
SetVolumeLabelW
lstrlenW
CreateFileW
HeapSize
OpenFileMappingA
GetTempFileNameW
GetProcAddress
GetConsoleOutputCP
GetVersionExA
GetStartupInfoA

user32

OpenDesktopW
EnumWindows
LoadMenuW
GetMenuItemID
WindowFromDC
ScrollDC
GetKeyboardLayout
LoadStringA
GetWindowRgn
ChangeMenuW
SendMessageTimeoutA
UnloadKeyboardLayout
AppendMenuA
DrawCaption
ModifyMenuW
MapDialogRect
GetDlgItemInt
SetScrollRange
DeleteMenu
VkKeyScanA

comdlg32

ReplaceTextW
CommDlgExtendedError
ChooseColorA
PrintDlgW

advapi32

RegEnumKeyExW
SetEntriesInAclW
GetSecurityInfo
SetSecurityInfo
ControlService

shell32

FindExecutableW
ShellExecuteExW

ole32

CoFreeUnusedLibraries

oleaut32

LoadTypeLibEx
RegisterTypeLi
GetActiveObject
SysAllocStringLen
CreateErrorInfo

comctl32

ImageList_LoadImageW
ImageList_SetBkColor
ImageList_DragLeave

shlwapi

PathQuoteSpacesW
UrlIsW
PathRemoveFileSpecA
SHCopyKeyA
SHSetValueA
SHRegGetUSValueW
StrCmpNIA
StrCmpLogicalW
StrFormatByteSizeW
StrCatW
SHRegOpenUSKeyW
PathUndecorateW
StrStrA
PathFileExistsW
PathIsRootW
PathStripToRootW
PathUnquoteSpacesA

setupapi

SetupOpenLog
SetupDiGetClassDevsA
SetupDiBuildClassInfoList
SetupCloseFileQueue
SetupDiClassGuidsFromNameExA
SetupDiDeleteDeviceInfo

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

33E0x8RB
Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xfMbh0A0
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

u5ke2G3f
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

69a54ca3026cdbb93dbc89b269e368dc

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

msvcrt

Sections

33E0x8RB Size: 272KB - Virtual size: 270KB

xfMbh0A0 Size: 8KB - Virtual size: 5KB

u5ke2G3f Size: 12KB - Virtual size: 11KB

33E0x8RB
Size: 272KB - Virtual size: 270KB

xfMbh0A0
Size: 8KB - Virtual size: 5KB

u5ke2G3f
Size: 12KB - Virtual size: 11KB