Static task: static1
Behavioral task: behavioral1
  Sample: 0167435205413fa299bf216b872b51c7_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 0167435205413fa299bf216b872b51c7_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 0167435205413fa299bf216b872b51c7_JaffaCakes118
Size: 316KB
MD5: 0167435205413fa299bf216b872b51c7
SHA1: ab44fe64d8a8718f372bd9ec1bfebc04ec162441
SHA256: e7451ca301841e5a523c4874f41c7c3dfa53b6a39b52a8060dbba89206a6cd0b
SHA512: c703d2488d5955762823d2c01628b98c030f1cbea223df48fadd2643bd10d5d64d60cc5f13d1e3ce182eacee959bd1a9e2a88b85a28253dddc5fff5371247591
SSDEEP: 6144:KR0bh+/ts7AWshCCjOQy6EubMp1BvPWbyUbiiPJ+SSFRWJ8biom5Df:KR09+/gAWskCjOxH/5P01iIAFRW/z
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 0167435205413fa299bf216b872b51c7_JaffaCakes118
Files
0167435205413fa299bf216b872b51c7_JaffaCakes118.exe  windows:4 windows x86 arch:x86
03229d3a4c892aed0ae5ea69636d1d63
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
gdi32
CreateDCA
CreateSolidBrush
GetDeviceCaps
DeleteObject
DeleteDC
user32
SystemParametersInfoA
GetDC
GetMenuCheckMarkDimensions
EnumWindowStationsW
GetSystemMetrics
GetSysColor
ReleaseDC
GetMonitorInfoA
EnumDisplayMonitors
GetKeyboardLayout
kernel32
WaitForSingleObject
FreeLibrary
GetModuleFileNameW
VirtualProtect
GlobalAlloc
GetCurrentThreadId
HeapFree
CreateEventW
GetModuleHandleW
lstrcmpiW
FlushFileBuffers
GetCurrentProcess
TlsAlloc
GetCurrentProcessId
GetSystemInfo
GlobalMemoryStatus
IsValidCodePage
OutputDebugStringA
GetVersion
GetShortPathNameW
RaiseException
HeapSize
GetTempFileNameA
TlsGetValue
TerminateProcess
LeaveCriticalSection
TlsSetValue
DeleteCriticalSection
GetFileType
OpenMutexA
SetUnhandledExceptionFilter
GetProcessTimes
IsDBCSLeadByte
GetStringTypeExW
CloseHandle
SetFileAttributesW
HeapReAlloc
ReleaseSemaphore
FlushFileBuffers
MultiByteToWideChar
SetEvent
ReleaseMutex
GetSystemDefaultLCID
InitializeCriticalSectionAndSpinCount
GetTickCount
GetUserDefaultLCID
VirtualFree
GetSystemDirectoryW
lstrlenW
GetTimeZoneInformation
InitializeCriticalSection
UnhandledExceptionFilter
InterlockedCompareExchange
GetModuleFileNameA
ExitProcess
EnterCriticalSection
WideCharToMultiByte
GlobalFree
CompareStringW
InterlockedExchange
GetLastError
CreateDirectoryW
CreateProcessA
ExpandEnvironmentStringsW
LoadLibraryExW
GetShortPathNameA
VirtualAlloc
IsDebuggerPresent
GetDiskFreeSpaceExW
HeapValidate
IsValidLocale
CreateMutexA
GetProcAddress
CreateSemaphoreA
HeapAlloc
GetSystemWindowsDirectoryW
CreateProcessW
GetCurrentThread
SetLastError
QueryPerformanceCounter
GetTempPathA
GetCurrentProcessId
GetLongPathNameW
GetVersionExW
CreateFileW
LocalFree
GetFileAttributesW
GetProcessHeap
LoadLibraryW
LoadLibraryA
DeleteFileW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
WriteFile
LocalAlloc
GetVersionExA
TlsFree
GetModuleHandleA
Sleep
advapi32
InitializeAcl
AllocateAndInitializeSid
OpenThreadToken
SetSecurityDescriptorDacl
IsValidSid
RegCreateKeyExW
OpenProcessToken
RegQueryValueExA
InitializeSecurityDescriptor
RegDeleteKeyW
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyW
GetSecurityDescriptorDacl
CopySid
GetTokenInformation
AddAccessDeniedAce
ConvertStringSecurityDescriptorToSecurityDescriptorW
FreeSid
RegEnumKeyW
GetLengthSid
ConvertSidToStringSidA
CheckTokenMembership
RegSetValueExW
RegEnumValueW
RegQueryValueExW
AddAccessAllowedAce
RegOpenKeyExW
RegEnumKeyExW
secur32
GetUserNameExW
Sections
.text   Size: 205KB - Virtual size: 205KB  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 4KB - Virtual size: 4KB      IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 100KB - Virtual size: 100KB  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.venue  Size: 5KB - Virtual size: 73KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ