f70c0d70b1049d1522b587577ba4202e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f70c0d70b1049d1522b587577ba4202e_JaffaCakes118
Size

620KB
MD5

f70c0d70b1049d1522b587577ba4202e
SHA1

88b11d88171998ffcbfdbc25a7ba42d95487fbd0
SHA256

f5d8f808ec7aead2990079ffb9cb63290bda4fae929a81c2f7213b3726e13dd9
SHA512

3a43a5d0e24b379d0f9074b650f3838d66eb8c5157becc4ae40dd4d8485ad4d11fbbd240db6034a714cfcf7c981328235e061ee25445f298f8ec6a036e5430a5
SSDEEP

12288:/KRZNtXd62r8xrzxHp17SsB6uZsMCO9xdHl0eTr:/KVtLr8xrNpd/ZdvjI+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f70c0d70b1049d1522b587577ba4202e_JaffaCakes118

Files

f70c0d70b1049d1522b587577ba4202e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83198eb11667f74d7f1635c4a135a114

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
SetEnvironmentVariableA
CreatePipe
VirtualQuery
DuplicateHandle
TlsGetValue
SearchPathW
GetCPInfo
SetConsoleCursorPosition
FreeLibrary
GlobalUnlock
SetConsoleActiveScreenBuffer
ReleaseMutex
CreateDirectoryExA
SetThreadAffinityMask
SystemTimeToFileTime
SetProcessShutdownParameters
CreateDirectoryA
FormatMessageA
VirtualAlloc
MoveFileW
SetErrorMode
LoadResource
GetCommModemStatus
OutputDebugStringA
EnumDateFormatsW
CreateWaitableTimerA
SetupComm
CloseHandle
IsBadWritePtr
GetUserDefaultLangID
GlobalFlags
GetTapeParameters
ReadFile
GetTickCount
GlobalDeleteAtom
GlobalFindAtomA
_hread
GetBinaryTypeW
_lread
EnumSystemCodePagesW
SetThreadLocale
DeleteCriticalSection
GetUserDefaultLCID
FindFirstFileW
WritePrivateProfileSectionW
EnumTimeFormatsW
GetFileType
WritePrivateProfileSectionA
RemoveDirectoryW
LeaveCriticalSection
lstrcmpA
GetDriveTypeW
SetProcessAffinityMask
ReadConsoleInputW
ConnectNamedPipe
GetConsoleMode
FormatMessageW
WritePrivateProfileStringW
SetFileTime
LocalAlloc
lstrcmpiW
IsValidLocale
IsBadReadPtr
FlushConsoleInputBuffer
SuspendThread
SetCommMask
PurgeComm
GetFullPathNameA
SetMailslotInfo
WritePrivateProfileStringA
WriteFile
SetFileAttributesA
VirtualUnlock
WaitNamedPipeA
GlobalReAlloc
MoveFileExA
WriteConsoleOutputCharacterA
WriteProcessMemory
SetEvent
SwitchToFiber
MultiByteToWideChar
FillConsoleOutputCharacterA
FindFirstFileA
LocalReAlloc
PulseEvent
GetFileAttributesExA
SetConsoleTitleA
ExitProcess

user32

ToUnicode
CharLowerBuffA
CloseClipboard
CheckMenuItem
SetMenuItemBitmaps
IsRectEmpty
SendNotifyMessageA
GetMenuItemInfoW

comdlg32

GetSaveFileNameA
FindTextA
CommDlgExtendedError
ReplaceTextW

advapi32

CryptSetProvParam
GetPrivateObjectSecurity
ChangeServiceConfigA
AllocateAndInitializeSid
RegSaveKeyA
CryptGetHashParam
IsValidSecurityDescriptor
RegEnumValueW
RegUnLoadKeyW
StartServiceCtrlDispatcherW
CloseEventLog
AccessCheckAndAuditAlarmW
GetExplicitEntriesFromAclW
AddAce
ImpersonateSelf
CryptDecrypt
QueryServiceConfigA
SetEntriesInAclA
SetSecurityDescriptorGroup
AccessCheck
RegisterEventSourceW
ChangeServiceConfigW
ObjectDeleteAuditAlarmW
RegQueryValueA
RegRestoreKeyA
DeleteService
RegOpenKeyExW
GetSidIdentifierAuthority
LookupAccountSidA
MakeSelfRelativeSD
RegSetValueExW
AbortSystemShutdownA
AllocateLocallyUniqueId
QueryServiceConfigW

ole32

CoDisconnectObject
OleLockRunning

oleaut32

LoadTypeLi
SafeArrayGetLBound
SafeArrayGetElement
VariantCopy
SafeArrayCreate
QueryPathOfRegTypeLi

comctl32

ImageList_SetDragCursorImage
ImageList_Merge

shlwapi

PathIsDirectoryEmptyW
PathIsUNCServerW
PathRemoveArgsW
PathRelativePathToA
PathRemoveBlanksA

Sections

.text
Size: 23KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83198eb11667f74d7f1635c4a135a114

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 23KB - Virtual size: 239KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 268KB - Virtual size: 267KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 23KB - Virtual size: 239KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 268KB - Virtual size: 267KB

.rsrc
Size: 16KB - Virtual size: 16KB