c76a8123e7acd6a4499ee3955033c9c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c76a8123e7acd6a4499ee3955033c9c3_JaffaCakes118
Size

340KB
MD5

c76a8123e7acd6a4499ee3955033c9c3
SHA1

932cd33734fe66c595dcb5802f1a154249e4a192
SHA256

2a47bd8051cc3dc3b33f5c77dc3f535f316209564850249696518032fed43846
SHA512

af7e92202eddca2f9d5b6eff31890224a923c49aaca5575ad3a4dc1019531db49ae3c8b154b4e0f38d0999d7d1298c4ccbea970b1fd1fbac51e8b918360eab76
SSDEEP

6144:ssGOYUn+hjm/AxY6ljEMvEDevqxOqED1EP/i:IknMxxgMvEKyxI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c76a8123e7acd6a4499ee3955033c9c3_JaffaCakes118

Files

c76a8123e7acd6a4499ee3955033c9c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86bc5e752c17c881682a179bd9a3c35a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoW
SearchPathW
CancelIo
DeleteFiber
SetErrorMode
GetProfileStringA
GetPrivateProfileStringA
CloseHandle
EnumCalendarInfoA
SetTimeZoneInformation
MoveFileExA
QueryDosDeviceA
GetFileInformationByHandle
WritePrivateProfileSectionW
GetConsoleCursorInfo
ReadFileScatter
ReadDirectoryChangesW
GetPrivateProfileSectionW
SetThreadAffinityMask
WriteConsoleOutputW
DebugBreak
WriteConsoleOutputCharacterA
SwitchToFiber
GetCommState
CreateMutexA
IsBadStringPtrA
CreateDirectoryA
GetSystemTimeAdjustment
WaitNamedPipeA
SetCurrentDirectoryA
EnumTimeFormatsW
GetTempFileNameA
GetUserDefaultLangID
GlobalReAlloc
GetProcessTimes
SetProcessWorkingSetSize
CreateNamedPipeW
FindNextChangeNotification
SetCommTimeouts
GetACP
AreFileApisANSI
DeleteCriticalSection
GlobalFlags
FindResourceExW
_lclose
ReleaseSemaphore
SetLastError
ReadFile
PulseEvent
VirtualFree
RemoveDirectoryW
GlobalDeleteAtom
SetFileAttributesA
SetupComm
CreateFileW
TryEnterCriticalSection
CreateIoCompletionPort
GetCompressedFileSizeW
SetConsoleOutputCP
_hread
FreeLibrary
GlobalFindAtomW
OutputDebugStringW
QueryDosDeviceW
SetSystemTime
SetConsoleCursorPosition
CompareStringA
SetProcessShutdownParameters
VirtualQueryEx
OpenSemaphoreW
GetShortPathNameW
GetTimeZoneInformation
VirtualProtect
LoadResource
FlushFileBuffers
GetOverlappedResult
GetCurrentProcess
GetLocaleInfoW
GetTickCount
SetThreadLocale
SetCommMask
SetStdHandle
GetFileType
DosDateTimeToFileTime
LoadLibraryExA
SuspendThread
GetWindowsDirectoryA
GetCommandLineA
VirtualAlloc
ExpandEnvironmentStringsW
ExitProcess

user32

GetCursor
IsWindowUnicode
GetDesktopWindow
CopyAcceleratorTableW
GetClipboardViewer
CharToOemW
SetMenuDefaultItem
GetWindowPlacement
ChildWindowFromPoint
EqualRect
DefFrameProcW
LoadCursorW
CreateCursor
GetCaretBlinkTime
SetParent
GetMenuItemID
IsWindowVisible
PostThreadMessageW
SendMessageW
CopyIcon
DrawTextExW
EndDeferWindowPos
GetNextDlgGroupItem
FindWindowExA
DestroyCursor
GetUpdateRect
DrawCaption
GetClassInfoA
SetMenuItemBitmaps
IsZoomed
WinHelpA
UnregisterClassA
FillRect
InvalidateRect
GetScrollInfo
AdjustWindowRectEx
GetWindowRect
DragDetect
CallNextHookEx
SetTimer
SetRectEmpty
WaitMessage
EnumDisplayMonitors
CloseWindowStation
CloseDesktop

gdi32

SetViewportOrgEx
CreateSolidBrush
CreateDIBitmap

comdlg32

ChooseFontW

advapi32

RegRestoreKeyA
RegSaveKeyA
CryptDeriveKey
SetEntriesInAclA
CopySid
RegCreateKeyExA
OpenProcessToken
AdjustTokenPrivileges
RegOpenKeyExW
RegDeleteKeyW
RegSaveKeyW
ReportEventW
CryptSignHashW
RegSetValueExW
GetFileSecurityA
CreateProcessAsUserW
CryptImportKey
LookupAccountSidW
CryptGetProvParam
AccessCheck
SetSecurityDescriptorDacl
SetThreadToken
GetSidIdentifierAuthority
SetServiceStatus
CryptSetProvParam
GetSecurityDescriptorSacl
RegSetValueW
EnumDependentServicesA
AccessCheckAndAuditAlarmA
IsValidSid
RegQueryValueExA
QueryServiceStatus
CryptGetUserKey
ObjectCloseAuditAlarmA
OpenSCManagerW
AbortSystemShutdownA
ControlService
QueryServiceLockStatusW
GetSidSubAuthorityCount

shell32

DragQueryPoint
SHFileOperationW
ExtractIconA
SHChangeNotify

ole32

GetClassFile
CoSwitchCallContext
OleCreate

oleaut32

VariantChangeType
SafeArrayUnaccessData
SafeArrayRedim
SysStringLen
SafeArrayGetLBound

comctl32

ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Destroy
ImageList_GetImageInfo

shlwapi

StrDupA
PathIsFileSpecA

Sections

gugoe
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

misqm
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

coqesaa
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uuoeqmm
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86bc5e752c17c881682a179bd9a3c35a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

gugoe Size: 4KB - Virtual size: 3KB

misqm Size: 8KB - Virtual size: 5KB

coqesaa Size: 288KB - Virtual size: 284KB

uuoeqmm Size: 36KB - Virtual size: 32KB

gugoe
Size: 4KB - Virtual size: 3KB

misqm
Size: 8KB - Virtual size: 5KB

coqesaa
Size: 288KB - Virtual size: 284KB

uuoeqmm
Size: 36KB - Virtual size: 32KB