da1bb1c6702d679150bb8b4b47aa3f09_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da1bb1c6702d679150bb8b4b47aa3f09_JaffaCakes118
Size

388KB
MD5

da1bb1c6702d679150bb8b4b47aa3f09
SHA1

640a1312551673fedcdc56b3141e3fc94ac2ac32
SHA256

73cc669a5912a4efad8dc68a88a0dcda24b3e121e492191ddc9003f92bcf9692
SHA512

a276a000292ca0d37f988c2f63a87df4a6ef53c48bf6adc3a8ba92535f227412478f7fad649ccecfe11298092dc5e8a0d0c44606ade282af25d534189c01586a
SSDEEP

6144:OZBTYXevbcAKajW4kv0y+0a+HAS5K6K3zMD5bsPKWP4CGTJXn7KmE9:fXezcAKa7kvpHAS5Kb4D5ASWP2t7Km+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da1bb1c6702d679150bb8b4b47aa3f09_JaffaCakes118

Files

da1bb1c6702d679150bb8b4b47aa3f09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79a2eacb5ca78bbd69786b9e56dc59de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
EnumCalendarInfoW
SetConsoleTitleA
LocalLock
GetLargestConsoleWindowSize
GetDriveTypeW
MoveFileW
GetSystemTime
GetAtomNameA
FormatMessageW
GetNumberFormatW
lstrcpynA
GetTempFileNameA
LoadLibraryExA
CreateNamedPipeW
LocalReAlloc
DeleteCriticalSection
GlobalFree
VirtualProtect
RemoveDirectoryA
GetPrivateProfileStringW
GlobalFlags
_hread
VirtualUnlock
GlobalFindAtomW
GetVersionExA
GetCommandLineA
CreateMutexW
GetStartupInfoA
lstrcatW
OutputDebugStringA
FindFirstFileW
FreeLibrary
LeaveCriticalSection
SetProcessAffinityMask
SetNamedPipeHandleState
LoadResource
FatalAppExitA
CreateWaitableTimerA
GetLogicalDriveStringsA
GetModuleFileNameW
CreateEventA
SetEndOfFile
SuspendThread
UnmapViewOfFile
lstrcpyA
SetProcessWorkingSetSize
GetCurrentProcessId
ClearCommBreak
GlobalAddAtomW
SetConsoleWindowInfo
VirtualQuery
GenerateConsoleCtrlEvent
GetOEMCP
FindFirstFileA
TryEnterCriticalSection
GetProfileStringA
_lread
GetShortPathNameA
GetEnvironmentVariableW
RaiseException
OpenMutexA
CreateDirectoryExA
VirtualFree
SetTimeZoneInformation
GetOverlappedResult
GetSystemTimeAsFileTime
ReadConsoleInputW
GetCommState
GetUserDefaultLCID
GetCompressedFileSizeW
CreateMutexA
IsBadWritePtr
GetProcessHeap
ExitProcess

user32

GetDlgItemInt
ChildWindowFromPoint
keybd_event
DrawIconEx
MenuItemFromPoint
GrayStringA
SubtractRect
GetTabbedTextExtentA
LoadStringW
OemToCharA
GetWindowInfo
FindWindowA
RemovePropW
WaitForInputIdle
GetWindowContextHelpId
ChangeDisplaySettingsA
RedrawWindow
ChangeDisplaySettingsW
LoadIconA
EnumDisplayMonitors
RegisterClassExA
CreateAcceleratorTableA
WindowFromDC

gdi32

ModifyWorldTransform
CloseEnhMetaFile
GetObjectW
CreateEllipticRgnIndirect
InvertRgn
GetStockObject
SetSystemPaletteUse
GetSystemPaletteEntries
GetClipRgn

comdlg32

ChooseColorW
PrintDlgA
ChooseFontW
PageSetupDlgA

advapi32

SetSecurityDescriptorOwner
ObjectCloseAuditAlarmW
ChangeServiceConfigA
RegEnumKeyW
GetUserNameA
CreateProcessAsUserA
MakeSelfRelativeSD
GetSidSubAuthority
NotifyChangeEventLog
IsValidSid
CreateServiceW
RegSetValueA
RegCreateKeyExA
RegCloseKey
CreateServiceA
OpenEventLogW
RegSetValueExA
SetSecurityDescriptorSacl
IsValidAcl
GetSecurityDescriptorOwner
SetTokenInformation
RegQueryValueExW
RegFlushKey
AdjustTokenPrivileges
LookupPrivilegeDisplayNameA
OpenSCManagerW
EnumServicesStatusW
RegSetValueW
CryptAcquireContextA
LookupPrivilegeValueW
GetServiceDisplayNameW
CryptGenKey
IsValidSecurityDescriptor
AccessCheckAndAuditAlarmA
GetTokenInformation

shell32

SHGetSettings

ole32

OleIsRunning
OleRegGetMiscStatus
CoResumeClassObjects
OleFlushClipboard
CoMarshalInterThreadInterfaceInStream
GetRunningObjectTable
CreateBindCtx

oleaut32

VariantChangeType
SafeArrayGetLBound
VariantCopy

comctl32

ImageList_LoadImageA

shlwapi

PathRemoveExtensionW
StrFormatKBSizeW
ChrCmpIW

setupapi

SetupInitDefaultQueueCallback
SetupCloseLog
SetupDiRemoveDevice
SetupDiBuildDriverInfoList

Sections

.text
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

79a2eacb5ca78bbd69786b9e56dc59de

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 332KB - Virtual size: 330KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 44KB - Virtual size: 42KB

.text
Size: 332KB - Virtual size: 330KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 44KB - Virtual size: 42KB