12e484ecfd7beeb05bec97e1510f23ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12e484ecfd7beeb05bec97e1510f23ee_JaffaCakes118
Size

241KB
MD5

12e484ecfd7beeb05bec97e1510f23ee
SHA1

422efb344f62fc476ec3643c36f09c307e774289
SHA256

c23b092d7e6926b86e08dae3e4880d78bd60dee1f861f3fbf5ed09e0b7c717e2
SHA512

57a43b0de42f88f97c26e38dcad80195a31a90d665dad35c72f3721726bf005a7323930b8246c7b3a15dc1db30d9224dbfd8b5c42b1046ef8756f9991e020b32
SSDEEP

6144:5i08RKPIZvjAiVdLCDUBgOAkO8SAwEkb2Qc:5i0MKgqiXCCxOxZy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12e484ecfd7beeb05bec97e1510f23ee_JaffaCakes118

Files

12e484ecfd7beeb05bec97e1510f23ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

350d20054560e0de63a53ab497d2fd54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateILockBytesOnHGlobal
CoResumeClassObjects
CoTaskMemFree
WriteClassStg
CLSIDFromProgID
OleGetClipboard
MkParseDisplayName
StringFromIID
StringFromCLSID
CoTreatAsClass

shlwapi

PathIsRelativeW
PathRemoveFileSpecW
StrCatBuffA

oleaut32

SafeArrayPutElement

version

GetFileVersionInfoA

gdi32

CreateFontW
EnumFontFamiliesExW
FrameRgn
DeleteMetaFile
EndPath
GetMetaFileBitsEx
LineTo
CreateDIBSection
GetMapMode
SetDIBits
ExtTextOutW
EndDoc
GetEnhMetaFilePaletteEntries
Rectangle
RemoveFontResourceA
GetDeviceCaps
Chord
CreatePatternBrush
CreateBrushIndirect
DeleteObject
GetCurrentObject
AnimatePalette
GetTextColor
CreateEllipticRgn
CreateFontIndirectW
SetViewportOrgEx

shell32

ShellExecuteExW
SHGetFolderPathAndSubDirW
SHCreateDirectoryExW
SHBrowseForFolderA

kernel32

ExitProcess
VirtualAlloc
GetCommandLineA
GetFileType
InterlockedDecrement
CreateIoCompletionPort
EnumCalendarInfoA
lstrlenA
GetDiskFreeSpaceA
GetCurrentThreadId
GlobalFindAtomA
GetWindowsDirectoryW
GetUserDefaultLCID
Sleep
GetProcAddress
MoveFileExW
GetVolumeInformationW
GetLogicalDriveStringsA
GetUserDefaultLangID
GetPrivateProfileIntW
SetEndOfFile
_lopen
lstrcmpA
GetPrivateProfileIntA
MoveFileExA
SetErrorMode
GetVersion
FindCloseChangeNotification
GetSystemTimeAsFileTime
SetHandleCount
LCMapStringA
GetFileSizeEx
LocalFree
GetQueuedCompletionStatus
SearchPathW
InterlockedCompareExchange
IsDBCSLeadByte
OutputDebugStringA
_llseek
GetExitCodeThread
CreateFileMappingA
ExitThread
TransactNamedPipe
SetFilePointerEx
MoveFileW
GetLastError
VirtualProtect
GetFileAttributesExW
GetSystemWindowsDirectoryW
FormatMessageW
GetOverlappedResult
GetProcessAffinityMask
LoadLibraryExA
GetConsoleCP
RemoveDirectoryW
LCMapStringW
CompareStringA
SwitchToThread
DeviceIoControl
CreateToolhelp32Snapshot
SetProcessWorkingSetSize
SetEvent
GetCurrentThread
LocalLock
MapViewOfFile
GetSystemDefaultUILanguage
SetThreadExecutionState
WinExec
GetModuleFileNameW
GlobalGetAtomNameA
GlobalSize
LoadLibraryExW
GetTimeFormatW
Process32NextW
OpenFileMappingW
QueueUserWorkItem
GetConsoleMode
CompareFileTime
CreateSemaphoreA
GlobalFindAtomW
TlsSetValue
GetCurrentDirectoryW
GlobalAlloc
DebugBreak
GetDiskFreeSpaceExW
GetEnvironmentVariableW
GlobalReAlloc
GetEnvironmentStringsW
GetComputerNameW
GetLocalTime
SetFileTime
_lread
GetThreadPriority
GetStringTypeExA
SetCurrentDirectoryA
CreateDirectoryW
GetLongPathNameW
QueryDosDeviceW
GetWindowsDirectoryA
VirtualQuery
GetTimeFormatA
SetFilePointer

comctl32

PropertySheetW
ImageList_Write
ImageList_Add
ImageList_DrawEx

advapi32

SetFileSecurityW
SetNamedSecurityInfoW
AccessCheck
GetSecurityDescriptorLength
RegEnumKeyW
CloseServiceHandle
OpenSCManagerW
MakeSelfRelativeSD
GetSidLengthRequired
RegCreateKeyW
ChangeServiceConfigW
GetSecurityDescriptorControl
DuplicateTokenEx
RegOpenKeyA
CryptGenRandom
RegOpenKeyW
RegQueryInfoKeyW

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

user32

DdeAccessData
OpenIcon
GetForegroundWindow
GetCursorPos
IsWindowUnicode
MonitorFromWindow
RegisterWindowMessageA
GetAncestor
FlashWindow
ReleaseCapture
SetCursor
MsgWaitForMultipleObjects
IsWindowEnabled
GetDCEx
SetWindowTextA
LoadImageW
DialogBoxIndirectParamA
SubtractRect
CopyRect
UnpackDDElParam
RegisterClassExW
GetIconInfo
WindowFromPoint
GetNextDlgGroupItem
RegisterClipboardFormatW
OffsetRect
UnregisterClassW
UnregisterClassA
SetRect
GetMonitorInfoW
PostMessageW

Sections

.text
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

350d20054560e0de63a53ab497d2fd54

Headers

File Characteristics

Imports

ole32

shlwapi

oleaut32

version

gdi32

shell32

kernel32

comctl32

advapi32

comdlg32

user32

Sections

.text Size: 216KB - Virtual size: 216KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 216KB - Virtual size: 216KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 3KB