d0b6e7962a8c8e47a18c9d44b7599abd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d0b6e7962a8c8e47a18c9d44b7599abd_JaffaCakes118
Size

252KB
MD5

d0b6e7962a8c8e47a18c9d44b7599abd
SHA1

05cf87204cdc610da466f86884c0bd52cf293f9f
SHA256

12b8410918becea33d018ab98a4598e03f9ca5104c7a2bafcadfc4e52a8ac154
SHA512

e864f4e6fb96f71b8d534b0cd7ead760c6a7c1a9c1d36772458a056a939e8b564940a099a95f7d9398df31026289ebf799df423a03104a1ea70e5b6e4c980013
SSDEEP

6144:U9fPqSyJKtMW8MXPBA/WswQMdeFm1a0RI06SUm8mM1ywUc:URPNEKtHCWswhdGmqg9M1ywUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0b6e7962a8c8e47a18c9d44b7599abd_JaffaCakes118

Files

d0b6e7962a8c8e47a18c9d44b7599abd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f578aaf2d7cda8cf24e466988d5af31d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCurrentDirectoryW
ScrollConsoleScreenBufferA
TlsGetValue
FlushConsoleInputBuffer
DebugBreak
GetFullPathNameA
LocalReAlloc
LocalLock
DeleteCriticalSection
SetErrorMode
GetSystemTimeAsFileTime
ExitProcess
MoveFileW
ExitThread
OpenFile
GetBinaryTypeW
WriteConsoleOutputW
GlobalFindAtomW
FormatMessageW
SetConsoleActiveScreenBuffer
GetShortPathNameW
GenerateConsoleCtrlEvent
GetVolumeInformationW
ReleaseMutex
LoadLibraryExA
WaitNamedPipeA
FreeEnvironmentStringsA
GetThreadPriority
EnumSystemCodePagesW
CreateMutexA
CancelIo
CreateDirectoryExA
GetLargestConsoleWindowSize
GetConsoleCursorInfo
ReadFileScatter
ReadDirectoryChangesW
GetVersionExA
VirtualAlloc

user32

AppendMenuA
EndPaint
GetClipCursor
CreateDesktopA
GetWindowTextW
GetShellWindow
IsWindowVisible
SetWindowLongW
GetKeyboardLayoutNameA
ChildWindowFromPoint
IsZoomed
CheckMenuRadioItem
SwapMouseButton
DeleteMenu
GetCursor
LoadImageA
SendMessageCallbackW
ChangeDisplaySettingsA
CopyImage
GetKeyboardState
SetLastErrorEx
GetClassNameA
VkKeyScanA
EnumThreadWindows
OemToCharA
RegisterClassExW
GetWindowTextA
CharLowerBuffW
LoadBitmapA
WaitMessage
IntersectRect
WaitForInputIdle
SetWindowWord
SetCapture
GetParent
HideCaret
LockWindowUpdate
GetUserObjectSecurity
SendNotifyMessageW
RegisterClassA
GetTabbedTextExtentA
EmptyClipboard
ChildWindowFromPointEx
GetMenuCheckMarkDimensions
SetMessageQueue
GetMessageW
SetScrollPos
GetCaretBlinkTime
OpenWindowStationA
GetWindowRect
CountClipboardFormats
SendDlgItemMessageW
TranslateAcceleratorA
CloseDesktop
SetWindowsHookExA
GetAncestor
TranslateMessage
wsprintfA
LoadStringA
TranslateMDISysAccel
CreateDialogParamW
GetProcessDefaultLayout
IsCharAlphaW
GetUpdateRgn
VkKeyScanW

gdi32

ScaleViewportExtEx
SetBitmapBits

comdlg32

PageSetupDlgA
PageSetupDlgW
GetFileTitleA

advapi32

IsTextUnicode
GetSecurityDescriptorSacl
AddAccessAllowedAce
CryptDestroyKey
CreateServiceA
BuildTrusteeWithNameW
CryptGetUserKey
AddAccessDeniedAce
GetExplicitEntriesFromAclW
EqualSid
CryptHashData
GetUserNameA
ObjectCloseAuditAlarmW
GetFileSecurityW
RegConnectRegistryA
LookupPrivilegeDisplayNameA
RegQueryInfoKeyW
GetSecurityDescriptorGroup
AdjustTokenPrivileges
RegConnectRegistryW
RegSetValueExW
MakeSelfRelativeSD
GetSecurityDescriptorDacl
GetServiceDisplayNameW
CryptSignHashW
CryptDeriveKey
StartServiceCtrlDispatcherW
RegDeleteKeyA
RegLoadKeyA
OpenServiceW
CryptAcquireContextA
StartServiceW
AccessCheckAndAuditAlarmA
RegisterServiceCtrlHandlerA
CreateProcessAsUserW
RegUnLoadKeyW
RegisterServiceCtrlHandlerW
RegEnumValueA

shell32

DragAcceptFiles
DragFinish
SHBrowseForFolderA
Shell_NotifyIconW
ExtractIconA

ole32

OleGetIconOfClass
OleCreateMenuDescriptor
OleConvertIStorageToOLESTREAM
StgCreateStorageEx
CoImpersonateClient
StgOpenStorage
ReadClassStg
RevokeDragDrop
OleBuildVersion

oleaut32

LoadTypeLi
SafeArrayGetLBound
SetErrorInfo
SafeArrayCreate

shlwapi

PathStripToRootW
PathSkipRootW
StrCmpNIA
PathQuoteSpacesA
StrRChrW
StrStrW
SHCopyKeyW
ChrCmpIW
PathRemoveBlanksW
SHGetValueW
SHOpenRegStream2W
UrlApplySchemeW
SHRegCloseUSKey
AssocQueryKeyW
StrPBrkW

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f578aaf2d7cda8cf24e466988d5af31d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 232KB - Virtual size: 229KB