Static task: static1
Behavioral task: behavioral1
Sample: d32c01b0fb50b64d5f2b710b405a1e5b_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: d32c01b0fb50b64d5f2b710b405a1e5b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d32c01b0fb50b64d5f2b710b405a1e5b_JaffaCakes118
Size: 5.8MB
MD5: d32c01b0fb50b64d5f2b710b405a1e5b
SHA1: 32a26a66a23242e7d710b2b9cb42174692bbf5fb
SHA256: 55797e90d86347bbbff596adfd1e54c226a68da438089eaf07188f8eafad8e72
SHA512: 7c58428fe4b0821166540e08ff50cd38b09bde84b6091168c1cc0a1a3a5825c9ebe89968a54d55d7ecd4929d56dd97627ebde65ad06ca6ac6f6eb5756f6e3da4
SSDEEP: 98304:7eELJziqJZ+xhfVA/rhD8hgdnL6JoOws4ZwuvzGPfaFIoDxq4uZWR/dE0Zjik:CELtlZ+x4/N8hiJHKuvMADA1YR/K0l
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d32c01b0fb50b64d5f2b710b405a1e5b_JaffaCakes118
Files
d32c01b0fb50b64d5f2b710b405a1e5b_JaffaCakes118.exe windows:4 windows x86 arch:x86
d9057be52f2c1e9199c73122525698c5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateEventA
ExitProcess
GetSystemDirectoryW
PulseEvent
_hread
lstrcatW
SetMailslotInfo
IsProcessorFeaturePresent
lstrcpynA
DosDateTimeToFileTime
GetEnvironmentVariableW
SetNamedPipeHandleState
EnumTimeFormatsW
GetCompressedFileSizeW
user32
RegisterClassExW
IsWindow
IsDlgButtonChecked
IsMenu
SetUserObjectSecurity
ToAscii
ArrangeIconicWindows
UnregisterDeviceNotification
CallWindowProcW
GetPropA
wvsprintfW
ValidateRgn
GetKeyNameTextW
ChildWindowFromPoint
ChildWindowFromPointEx
EnumDisplaySettingsExA
GrayStringA
IsCharUpperW
IsWindowVisible
EnumDisplaySettingsW
TabbedTextOutW
GetWindowRgn
DrawFrameControl
gdi32
SetDIBits
CreatePolygonRgn
GetPolyFillMode
CreateDiscardableBitmap
FillRgn
SelectObject
RectVisible
GetFontLanguageInfo
GetRgnBox
GetTextColor
SetWindowExtEx
PolyBezierTo
RemoveFontResourceA
SetViewportExtEx
comdlg32
GetSaveFileNameA
advapi32
LookupPrivilegeDisplayNameA
CryptExportKey
RegEnumValueW
CryptSetKeyParam
GetPrivateObjectSecurity
AccessCheckAndAuditAlarmW
OpenEventLogW
GetSecurityDescriptorLength
GetFileSecurityW
OpenSCManagerW
CreateServiceW
CryptGetKeyParam
GetFileSecurityA
InitiateSystemShutdownW
AbortSystemShutdownW
CryptHashData
GetSecurityInfo
AddAce
EnumServicesStatusW
EqualSid
RegSetValueA
StartServiceCtrlDispatcherA
RegRestoreKeyA
RegSetValueExA
GetServiceDisplayNameW
RegLoadKeyA
AllocateAndInitializeSid
ObjectCloseAuditAlarmA
SetServiceObjectSecurity
OpenServiceW
GetNamedSecurityInfoA
NotifyBootConfigStatus
OpenThreadToken
AdjustTokenPrivileges
RegOpenKeyA
CreatePrivateObjectSecurity
LookupAccountSidA
shell32
SHGetSpecialFolderLocation
FindExecutableA
ExtractIconExW
ole32
StgSetTimes
OleCreate
OleCreateFromData
StgOpenStorage
oleaut32
SafeArrayGetElement
LoadTypeLi
SysStringLen
SysAllocStringLen
LoadTypeLibEx
SysFreeString
comctl32
ImageList_Destroy
ImageList_Replace
ImageList_GetIconSize
shlwapi
PathAppendW
Sections
.text Size: 13KB - Virtual size: 234KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ