Static task
static1
Behavioral task
behavioral1
Sample
169771f351bf849f4383dc3d30c17a5d_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
169771f351bf849f4383dc3d30c17a5d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
169771f351bf849f4383dc3d30c17a5d_JaffaCakes118
Size
20KB
MD5
169771f351bf849f4383dc3d30c17a5d
SHA1
7a4d6fc021b58996695003a21a940f31836e3b76
SHA256
02e27e82820edad3a9ed41326837dffea29ebef5f670aa998d7eb8227621b114
SHA512
ffdf6c35460453ee4990a045e1a962d8a912a980ef5054a32ee31826aa0df16c609b99dd9f29e6fc6bec469fc4d5718cb7a6feab116934815333c58cb0ba19ea
SSDEEP
384:qZJxApdYDCMw8qZeBbbMRlRw13M7TMz9efMN7PR607eFQKEn90gYcssu:qZJQt9ZeBbARlWuHMBmMN700yyKEnRi
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 169771f351bf849f4383dc3d30c17a5d_JaffaCakes118
Files
169771f351bf849f4383dc3d30c17a5d_JaffaCakes118.exe windows:4 windows x86 arch:x86
614c979d5edfb2f8ac7c8e0b23fe569f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExpandEnvironmentStringsA
SetFileAttributesA
LockResource
AddAtomW
IsBadCodePtr
WriteConsoleW
ExitProcess
GetComputerNameW
IsValidCodePage
GetCurrentDirectoryW
VirtualAlloc
CreateDirectoryA
CreateFileMappingW
OutputDebugStringW
SizeofResource
LoadResource
GetFullPathNameW
DeviceIoControl
lstrcatW
CreateMutexW
MulDiv
VirtualFree
GetLastError
GetCurrentProcess
CreateProcessW
CopyFileW
FindResourceA
CreateMutexA
rpcrt4
DceErrorInqTextW
NdrAllocate
CStdStubBuffer_CountRefs
MesEncodeFixedBufferHandleCreate
MesBufferHandleReset
DllGetClassObject
NdrByteCountPointerUnmarshall
NdrByteCountPointerFree
NdrAsyncClientCall
NDRSContextMarshallEx
NDRSContextMarshall
NdrAsyncServerCall
MesDecodeIncrementalHandleCreate
NdrClientInitialize
MesHandleFree
MesInqProcEncodingId
NDRcopy
NDRCContextMarshall
CreateStubFromTypeInfo
NdrByteCountPointerBufferSize
NDRCContextBinding
NdrConformantStructBufferSize
MesIncrementalHandleReset
ole32
CoCreateInstanceEx
user32
GetSystemMetrics
PostMessageW
ShowWindow
GetSysColor
UpdateWindow
GetDesktopWindow
SetTimer
DefWindowProcA
GetClientRect
LoadStringA
wsprintfA
EnableWindow
DispatchMessageA
SetFocus
GetDlgItem
SendMessageW
EndDialog
CharNextA
SetWindowLongW
advapi32
CloseServiceHandle
RegDeleteValueA
RegEnumKeyExA
FreeSid
RegDeleteValueW
RegEnumValueW
OpenProcessToken
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegCloseKey
AllocateAndInitializeSid
RegQueryValueExW
RegDeleteKeyA
InitializeSecurityDescriptor
RegSetValueExW
OpenThreadToken
GetTokenInformation
shell32
PickIconDlg
DllGetVersion
SHChangeNotifyRegister
SHDefExtractIconW
DAD_DragEnterEx
DllInstall
DllGetClassObject
DragFinish
PathQualify
SHStartNetConnectionDialogW
DAD_DragLeave
DriveType
DllCanUnloadNow
SHILCreateFromPath
SHCoCreateInstance
DAD_DragMove
SHChangeNotifyDeregister
IsLFNDrive
GetFileNameFromBrowse
IsNetDrive
RestartDialog
Shell_GetImageLists
PathResolve
Shell_GetCachedImageIndex
DllRegisterServer
SHGetSetSettings
DragAcceptFiles
Shell_MergeMenus
PifMgr_OpenProperties
DllUnregisterServer
msvcrt
wcscpy
wcsncpy
wcscmp
strtol
_iob
_adjust_fdiv
realloc
free
_wcsicmp
_local_unwind2
_itow
_wtoi
_except_handler3
wcslen
fwrite
_ftol
swprintf
__dllonexit
wcsncmp
_vsnwprintf
_onexit
malloc
_strnicmp
Sections
.textbss Size: - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.debug Size: 1024B - Virtual size: 724B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 899B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 1024B - Virtual size: 582B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ