c84542f239e0ee9eb726f699780e2022_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c84542f239e0ee9eb726f699780e2022_JaffaCakes118
Size

967KB
MD5

c84542f239e0ee9eb726f699780e2022
SHA1

e492735fdf46a8b976033cad45e98c7d90d2811a
SHA256

98c1ea50cf3c2ea29860c5af333debbeef388fd6228b58e474a676d162b71983
SHA512

1e47444680e1839591d5d8cdcdd578d88fd7e8f2f08b95f894726b17e899b6334c4e0aa372d2403355e66b94dad4f2408d324ca55f6370e25d65bb48ad3c8fac
SSDEEP

12288:d80Z3VfuF5SZ3ZxFaQSvIx0hs11m4ucWv9fViVaAhG9O6ZW+JUnyWY+YKElf67Hx:z3uF5SFQRvI0uZuAA9nZWeUij673B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c84542f239e0ee9eb726f699780e2022_JaffaCakes118

Files

c84542f239e0ee9eb726f699780e2022_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74f93428ddf72f1a351662f1db474030

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleTitleA
SetupComm
VirtualQueryEx
GetSystemInfo
GetLongPathNameA
WriteProcessMemory
GlobalUnlock
GlobalFree
CreateDirectoryW
PeekNamedPipe
PeekConsoleInputW
GetCurrentProcessId
AreFileApisANSI
ExitProcess
SetTimeZoneInformation
CompareStringA
LoadLibraryExW
FillConsoleOutputCharacterA

user32

LockWindowUpdate
BeginDeferWindowPos
EnumDesktopWindows
GetKeyNameTextW
LoadIconA
SetPropW
FlashWindowEx
EnumThreadWindows
SwitchDesktop
MoveWindow
UpdateWindow
LoadIconW
GetSysColorBrush
CreateAcceleratorTableA
InternalGetWindowText
VkKeyScanA
InflateRect
wvsprintfA
CopyIcon
InsertMenuItemW
AttachThreadInput
MenuItemFromPoint
TranslateAcceleratorW
EnumWindowStationsA
LoadCursorFromFileW
CountClipboardFormats
OpenInputDesktop
GetDlgItem
SetCursorPos
GetScrollBarInfo
GetProcessWindowStation
InSendMessage
DrawAnimatedRects
AppendMenuA
DrawMenuBar
MonitorFromPoint
GetKeyboardLayout
CascadeWindows
ToUnicodeEx
EnumDisplayDevicesW
RegisterClipboardFormatA
EmptyClipboard
ReplyMessage

gdi32

EnumEnhMetaFile
GdiComment
PlayEnhMetaFileRecord
GetGlyphOutlineA
GetCharWidthW
GetEnhMetaFilePaletteEntries
ScaleViewportExtEx
OffsetWindowOrgEx
RectVisible
GetRgnBox
SetWindowExtEx
PolyBezier
PtInRegion
SetPaletteEntries
CreatePenIndirect

advapi32

GetNamedSecurityInfoW

shell32

SHChangeNotify
ExtractIconExW
SHGetSpecialFolderLocation

ole32

CLSIDFromString
CoGetInterfaceAndReleaseStream
CoGetTreatAsClass
CoCreateInstanceEx

oleaut32

SysAllocStringLen

comctl32

ImageList_SetImageCount
ImageList_Add
ImageList_GetImageCount

shlwapi

PathStripPathW
PathIsFileSpecA
StrCmpW

Sections

.text
Size: 5KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 614KB - Virtual size: 614KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74f93428ddf72f1a351662f1db474030

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 5KB - Virtual size: 222KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 614KB - Virtual size: 614KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 5KB - Virtual size: 222KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 614KB - Virtual size: 614KB

.rsrc
Size: 17KB - Virtual size: 16KB