efc8d9c7473aadac2826ca839f61d141_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

efc8d9c7473aadac2826ca839f61d141_JaffaCakes118
Size

429KB
MD5

efc8d9c7473aadac2826ca839f61d141
SHA1

8a3f1bbbcc0d88c59d77db433fc1d2882c8e13ed
SHA256

9273c685945b0e6a80b959c7e00f169d540944c2b07f76ea5e998fc7421bbd57
SHA512

b601353c99b5161fd873c5dcb3cf31c717a1948026b58ac927d321b64e26ae7889785de92047806281eb99679ff4e8cca04dfabd3fd3b6897862c21caf60b216
SSDEEP

6144:nrhVRWuKoJzDcVXyb2WTHqwhsYD/Qk6Khpcw0TjOTxOqdHW4eC/F/hdmRrVkzlfb:nrhVguKOc7cP6Wc3i8qJW7C/ERrMJb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efc8d9c7473aadac2826ca839f61d141_JaffaCakes118

Files

efc8d9c7473aadac2826ca839f61d141_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a51c5b1ecb59d22158816bd9cc0b31c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellHookProc
SHQueryRecycleBinA
ExtractIconExW
SHGetPathFromIDListA
SheChangeDirA
ExtractAssociatedIconA
SHFormatDrive

comdlg32

ChooseColorW
GetOpenFileNameW
ReplaceTextA
GetFileTitleA
LoadAlterBitmap
PrintDlgA
GetSaveFileNameW
PageSetupDlgW
PageSetupDlgA
PrintDlgW
ChooseColorA
GetFileTitleW
GetSaveFileNameA
ReplaceTextW

advapi32

RegSetValueExA
RegCloseKey
RegConnectRegistryW
LookupPrivilegeNameW
InitiateSystemShutdownW
RegOpenKeyA
LookupPrivilegeValueW
RegQueryValueExA
CryptSignHashA
CryptEnumProviderTypesW
CryptGetProvParam

gdi32

SetROP2
StartDocW
ColorMatchToTarget
SetPixelV
GetTextCharsetInfo
GetEnhMetaFileDescriptionA
GdiPlayScript
GetOutlineTextMetricsW
OffsetClipRgn
SetDIBitsToDevice
UpdateICMRegKeyA
CreateDCA
Chord
ModifyWorldTransform

kernel32

VirtualQuery
ExitProcess
GetDateFormatA
InterlockedExchange
EnumTimeFormatsA
WriteFile
LCMapStringW
EnterCriticalSection
UnhandledExceptionFilter
InterlockedIncrement
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetCPInfo
GetEnvironmentStrings
GetCalendarInfoW
RemoveDirectoryW
EnumResourceNamesW
GetUserDefaultLCID
FreeEnvironmentStringsA
TlsAlloc
GetProcessHeap
GetStartupInfoA
GetVersionExA
CompareStringW
HeapSize
HeapFree
GetStringTypeA
GetThreadSelectorEntry
GetACP
CompareStringA
GetLastError
GetCurrentProcessId
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
EnumDateFormatsExA
CreateMailslotW
TlsFree
GetCurrentThread
FreeEnvironmentStringsW
LCMapStringA
IsDebuggerPresent
GetLocaleInfoA
SetConsoleCtrlHandler
TlsGetValue
GetStringTypeExW
GetCommandLineA
TlsSetValue
GlobalAlloc
VirtualFree
GetEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
SetEnvironmentVariableA
IsValidCodePage
EnumSystemLocalesA
HeapCreate
Sleep
GetLocaleInfoW
MultiByteToWideChar
GetTimeZoneInformation
HeapReAlloc
HeapDestroy
IsValidLocale
GetOEMCP
GetTickCount
FreeLibrary
GetTimeFormatA
VirtualAlloc
TerminateProcess
GetStringTypeW
InterlockedDecrement
GetModuleHandleA
WideCharToMultiByte
CreateFileMappingA
GetCurrentProcess
InitializeCriticalSection
WaitNamedPipeA
GetCurrentThreadId
GetFileType
GetProcAddress
SetHandleCount
SetLastError
WaitForDebugEvent
LoadLibraryA
GetShortPathNameW
UnlockFile
LeaveCriticalSection
GetStdHandle
lstrlenW

wininet

InternetGoOnlineW
GopherGetLocatorTypeW
FtpRenameFileA
GetUrlCacheConfigInfoA
SetUrlCacheConfigInfoA
FtpCommandA
InternetConnectW
UnlockUrlCacheEntryFile
HttpQueryInfoW
RetrieveUrlCacheEntryFileW
HttpCheckDavCompliance
InternetOpenW
IsUrlCacheEntryExpiredA
HttpQueryInfoA
InternetReadFileExW
FtpGetCurrentDirectoryA
DetectAutoProxyUrl
GetUrlCacheEntryInfoW
InternetFindNextFileA
InternetInitializeAutoProxyDll
FtpFindFirstFileA
GopherFindFirstFileW

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a51c5b1ecb59d22158816bd9cc0b31c

Headers

File Characteristics

Imports

shell32

comdlg32

advapi32

gdi32

kernel32

wininet

Sections

.text Size: 142KB - Virtual size: 142KB

.data Size: 277KB - Virtual size: 307KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 142KB - Virtual size: 142KB

.data
Size: 277KB - Virtual size: 307KB

.rsrc
Size: 9KB - Virtual size: 8KB