0234cb5ef935682228937722cfbd1431_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0234cb5ef935682228937722cfbd1431_JaffaCakes118
Size

288KB
MD5

0234cb5ef935682228937722cfbd1431
SHA1

864ff2c8c3ec86be396afa7f58e914d72270a27b
SHA256

da78a245026ac40aaf5dd2f9604ad19d59419ee7aacc1abfb0f850ac82b7ad51
SHA512

15dfcd42bde5e1e692f80e8c15de23736ce64be6f4cc1b9912a6a853a78e80b3b60184d067f127fc4a42a7263ef4bc13d4fe1e60578b19a6c99e267976d4965c
SSDEEP

6144:k/raOaWT4cVhVTD2MKM3L47rkHReIw9M5ElR6fCsDG:k/2gT4CVWMKEakN3ElcnG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0234cb5ef935682228937722cfbd1431_JaffaCakes118

Files

0234cb5ef935682228937722cfbd1431_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e274c76a480517d1728b7bb66d24539

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemCodePagesA
GlobalDeleteAtom
CreateWaitableTimerA
SetThreadAffinityMask
GetTempPathW
SetStdHandle
CancelIo
_lread
CreateFileW
GetCommState
GetAtomNameA
SetCommMask
OutputDebugStringW
SetEvent
PeekNamedPipe
lstrcpyA
GetShortPathNameA
GetFileInformationByHandle
SetFileTime
SetMailslotInfo
lstrcmpiA
lstrcatW
GetShortPathNameW
GlobalFree
IsValidLocale
GetEnvironmentStringsW
SetThreadLocale
SizeofResource
DebugBreak
GetStartupInfoA
GetFileType
GetVersion
SetVolumeLabelA
CompareStringW
PurgeComm
IsBadWritePtr
FreeEnvironmentStringsA
ReadConsoleInputW
GenerateConsoleCtrlEvent
GetModuleHandleA
QueryDosDeviceW
VirtualAlloc
GlobalFindAtomA
SetConsoleOutputCP

user32

EnumDesktopsW
SetDlgItemTextW
EnumDesktopsA
GetClassInfoExA
GetMenu
HideCaret
CreateWindowStationW
GetMessageExtraInfo
GetGuiResources
GetWindowContextHelpId
CreateAcceleratorTableA
IsDlgButtonChecked
BroadcastSystemMessageA
ClipCursor
DefWindowProcA
DrawFocusRect
SendDlgItemMessageW
IsZoomed
GetWindowDC
ChildWindowFromPointEx
InSendMessage
OemKeyScan
TabbedTextOutW
GetProcessDefaultLayout
GetSystemMetrics
IsCharAlphaNumericW
SetMenuItemInfoA
LookupIconIdFromDirectory
MsgWaitForMultipleObjectsEx
GetMenuState
ValidateRgn
OemToCharA

gdi32

GetEnhMetaFileDescriptionA
SetRectRgn

comdlg32

FindTextA
ChooseColorA

advapi32

ImpersonateNamedPipeClient
SetKernelObjectSecurity
SetTokenInformation
NotifyChangeEventLog
EnumDependentServicesW
GetAclInformation
OpenProcessToken
QueryServiceStatus
RegQueryValueW
AddAccessDeniedAce
AdjustTokenPrivileges
FreeSid
OpenThreadToken
EnumServicesStatusW
LockServiceDatabase
RegEnumKeyA
SetSecurityDescriptorOwner
ReadEventLogW
RegOpenKeyExA
SetServiceObjectSecurity
StartServiceCtrlDispatcherA
QueryServiceObjectSecurity
BuildTrusteeWithNameW
RegDeleteValueA
RegQueryValueA
EqualSid
GetServiceDisplayNameA
ReportEventA
InitiateSystemShutdownA
EnumServicesStatusA
AddAccessAllowedAce
ChangeServiceConfigW
NotifyBootConfigStatus
StartServiceW

shell32

Shell_NotifyIconA

ole32

OleIsRunning
StgCreateStorageEx
CoGetInterfaceAndReleaseStream

oleaut32

SysFreeString

comctl32

ImageList_DragShowNolock
PropertySheetW
ImageList_DrawEx

shlwapi

PathRemoveFileSpecW
SHGetValueW
PathSkipRootW
PathFileExistsW
AssocQueryKeyW
PathIsDirectoryA
PathFindOnPathW
SHSetThreadRef
PathRelativePathToA
SHRegOpenUSKeyW
StrCmpNIW
SHRegGetBoolUSValueW
StrCmpNA
SHCreateStreamOnFileW

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_controlfp
_except_handler3

Sections

.text
Size: 240KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e274c76a480517d1728b7bb66d24539

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 240KB - Virtual size: 236KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 36KB - Virtual size: 33KB

.text
Size: 240KB - Virtual size: 236KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 36KB - Virtual size: 33KB