fd733c2345999d2d8a223471589b4730_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd733c2345999d2d8a223471589b4730_JaffaCakes118
Size

2.1MB
MD5

fd733c2345999d2d8a223471589b4730
SHA1

09ad37a2f6bf3323f0970818f334a01a567e0727
SHA256

14597076a27e295523f39d19230add77b9fdea0fe578b3e109c5b28859c1113a
SHA512

5d6d6e126b6a6c0b78f401e892d5c8c5ecc71a5d8f1cb6057686c7d938b85ef6c6b6577dfa3b858049cf7e3ed5d2b471de97705c476e71e97781724860323b90
SSDEEP

49152:0XxnOEGL+SzJnYQbjy0hO6DybU6aoY32IsmqV:0hOZ+SzJYQPy0hO6OoZoM2D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd733c2345999d2d8a223471589b4730_JaffaCakes118

Files

fd733c2345999d2d8a223471589b4730_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
VirtualQueryEx
EnumResourceLanguagesW
UnhandledExceptionFilter
GlobalReAlloc
GetTapeStatus
GetVolumeInformationW
VirtualFree
GetThreadContext
ConnectNamedPipe
SetThreadLocale
TryEnterCriticalSection
SetSystemTime
CreateEventA
CreateDirectoryA
EndUpdateResourceA
EnumResourceNamesA
LocalLock
SwitchToFiber
UnmapViewOfFile
AreFileApisANSI
LocalReAlloc
PeekConsoleInputW
GetNumberFormatW
GetProcessTimes
OpenFile
GetDateFormatA
EnumDateFormatsW
FreeLibraryAndExitThread
EnumSystemCodePagesA
FindResourceExA
IsDBCSLeadByteEx
SetConsoleActiveScreenBuffer
SetCommMask
RaiseException
LoadLibraryExW
GetAtomNameA
GlobalFlags
GetCurrentDirectoryW
IsProcessorFeaturePresent
CreateDirectoryW
GetSystemDefaultLangID
GetTimeZoneInformation
GetBinaryTypeW
GetHandleInformation
VirtualProtect
GlobalUnlock
WritePrivateProfileSectionA
GlobalFindAtomA
FreeEnvironmentStringsA
LeaveCriticalSection
GetModuleHandleA
SetLastError
GetProcessHeap
ReleaseSemaphore
FillConsoleOutputCharacterA
FreeLibrary
SetTimeZoneInformation
GetTempFileNameA
SetNamedPipeHandleState
FindFirstFileExW
FlushConsoleInputBuffer
GetOverlappedResult
WriteConsoleOutputW
OpenSemaphoreW
lstrcatW
GetCommState
lstrcmpA
IsBadReadPtr
SuspendThread
GetCommandLineW
ExitProcess

user32

DispatchMessageW
CreateAcceleratorTableW
EnumDisplaySettingsExW
SendNotifyMessageA
DefFrameProcW
SetPropA
ToUnicode
GrayStringA
GetNextDlgTabItem
RedrawWindow
ChildWindowFromPoint
ChildWindowFromPointEx
CharToOemW
ChangeClipboardChain
GetWindow
GetMenuStringA
GetMenuInfo
GetUserObjectInformationW
GetShellWindow
ModifyMenuW
CreateDialogParamW
ShowWindow
NotifyWinEvent
BroadcastSystemMessageW
SetPropW

gdi32

CreateHatchBrush
GetMetaFileBitsEx
GetCharWidth32A
CreateDiscardableBitmap
GetTextCharacterExtra
EnumFontFamiliesExA
SetSystemPaletteUse
BitBlt
ExtCreatePen
GetBkColor
EnumFontFamiliesExW
GetBkMode
PolyPolyline
GetCurrentPositionEx
StartPage
DescribePixelFormat

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyW
GetAclInformation
InitializeSid
RegRestoreKeyW
CreateServiceW
CryptVerifySignatureA
MakeSelfRelativeSD
FreeSid
RegisterServiceCtrlHandlerA
CryptAcquireContextW

shell32

ShellExecuteA

ole32

CoLockObjectExternal
OleLockRunning
OleCreateFromData
ReadClassStg
ProgIDFromCLSID
RevokeDragDrop
ReadFmtUserTypeStg
CoMarshalInterface

oleaut32

SafeArrayPutElement
LoadTypeLi
VariantCopy
SafeArrayCreate

comctl32

ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_GetImageCount

shlwapi

PathIsSameRootW
PathGetDriveNumberA
StrCmpNA
PathUndecorateW
StrCatW
HashData
PathStripPathA
SHSetThreadRef
StrRStrIW
PathRemoveBlanksA
StrFormatByteSize64A
PathParseIconLocationW
PathUnquoteSpacesA
UrlApplySchemeW
PathIsPrefixW
SHRegWriteUSValueW
StrRetToStrW
UrlCombineW

Sections

.text
Size: 6KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e19ffe1421994b9ca4fa1aca35f0acd1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 6KB - Virtual size: 222KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 222KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB