2760480d334bb1f596d867ba91ce5405_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2760480d334bb1f596d867ba91ce5405_JaffaCakes118
Size

276KB
MD5

2760480d334bb1f596d867ba91ce5405
SHA1

b472e18bdf256f40d6d20832fb3a42cfd11dc4ad
SHA256

1a2e7d2adbe8e142bc25edbcdfbbb17a1d2e18d149d9dcbd121b608a2c6d5152
SHA512

9d1dbad8c250a42bcb6fbe466daf149969e4e59e00ea2d42b198ea0fa1718f1e1b349733666f41a69acddba591a0b6636f810b4cdaf7fefa91194a65ff112e01
SSDEEP

6144:7Ph5LG1Yq3bysF7NrmcXsh3yH0so/1y5qj3iqxfM79p:7PhwSYWcHshCH0s+oj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2760480d334bb1f596d867ba91ce5405_JaffaCakes118

Files

2760480d334bb1f596d867ba91ce5405_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19a1d5a3275c937ffd64db0ab554cb17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDeferWindowPos
IsCharLowerA
VkKeyScanW
IsWindowVisible
GetForegroundWindow
SetWindowTextA
CharLowerBuffW
EndDialog
UnhookWinEvent
DestroyCursor
AppendMenuA
TabbedTextOutA
GrayStringW
UnhookWindowsHook
GetClassLongA
GetKeyboardLayoutNameA
ShowScrollBar
BringWindowToTop
TranslateMDISysAccel
CheckMenuItem
SwitchToThisWindow
GetDialogBaseUnits
ShowWindowAsync

ws2_32

recv
getprotobynumber
WSARecvFrom
inet_ntoa
WSAUnhookBlockingHook
select
WSASocketA

ole32

CoFileTimeNow
CoFreeUnusedLibraries
CreateBindCtx
StringFromGUID2
CoImpersonateClient
OleCreateLink

kernel32

EnumCalendarInfoA
GetModuleHandleA
_lopen
DebugBreak
GetTickCount
GlobalDeleteAtom
GetOEMCP
CreateWaitableTimerA
GetStartupInfoA
SetStdHandle
CreateDirectoryA
VirtualFree
FindNextChangeNotification
GlobalFindAtomW
GetFileType
VirtualAlloc
lstrlenA
GetCommModemStatus
EnumCalendarInfoW
ReleaseMutex
VirtualAllocEx
GetSystemDefaultLangID
GlobalFree
GetProcessHeap
SetErrorMode
LoadLibraryExW
Beep
GetCPInfo
SetConsoleMode
CreateDirectoryExA
GetLogicalDriveStringsA
GetSystemInfo
GetOverlappedResult
GetPrivateProfileStringA
lstrcmpiA
ReadConsoleOutputA
_lread
AllocConsole
IsProcessorFeaturePresent
lstrcpynA
GetUserDefaultLangID
GetComputerNameW
ReleaseSemaphore
lstrcmpiW
GetThreadPriority
WritePrivateProfileSectionW
GetFullPathNameA
SuspendThread
_llseek
SetFileTime
LCMapStringA
LocalFileTimeToFileTime
lstrcatW
GetPrivateProfileStringW
GlobalGetAtomNameW
GetTapeStatus
FindFirstFileA
FreeLibraryAndExitThread
DeleteFiber
AreFileApisANSI
TlsGetValue
GetBinaryTypeA
GetCurrentDirectoryW
TryEnterCriticalSection
PrepareTape
CompareStringA
GetAtomNameA
FlushConsoleInputBuffer
WriteConsoleOutputCharacterA
SystemTimeToFileTime
OutputDebugStringA
EnumResourceLanguagesW
EnumResourceNamesW
VirtualProtect
GetDiskFreeSpaceExA
SetTimeZoneInformation

oleaut32

SafeArrayPutElement
SafeArrayRedim
SetErrorInfo
SafeArrayGetLBound
SysFreeString
VariantChangeType
SafeArrayUnaccessData
SysStringLen
VariantCopy

gdi32

CopyMetaFileW
GetClipBox
CreateICA
CreateFontW
CreateMetaFileW
AddFontResourceW
GetBrushOrgEx
PtInRegion
SetViewportExtEx

shell32

Shell_NotifyIconW
ShellExecuteA
SHChangeNotify
ExtractIconA
SHLoadInProc

advapi32

RegLoadKeyW
RegConnectRegistryA
CloseEventLog
CreateServiceA
RegSetValueExW
DeregisterEventSource
ImpersonateLoggedOnUser
ObjectDeleteAuditAlarmW
GetSecurityDescriptorGroup
MakeSelfRelativeSD
IsValidSecurityDescriptor
GetUserNameA

msvcrt

_errno
_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_exit
wcscoll
bsearch
_wspawnvp
_lseek
sprintf
_c_exit
_waccess
_lseeki64
_dup
_acmdln
setlocale
_locking
swscanf
_isatty
strcoll
_chdir
_mbslwr
memmove
_beginthread
_mbsnbcnt
_stricmp
vprintf
_getcwd
_fileno
strspn
_itoa
_putenv
_pipe
fputwc
_i64tow
_vsnprintf
_getdrive
wctomb
wcsncmp
exit
frexp
_chsize
_sopen
_dup2
_fsopen
_chdrive
iswdigit
iswcntrl

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

19a1d5a3275c937ffd64db0ab554cb17

Headers

File Characteristics

Imports

user32

ws2_32

ole32

kernel32

oleaut32

gdi32

shell32

advapi32

msvcrt

Sections

.text Size: 236KB - Virtual size: 235KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 236KB - Virtual size: 235KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 28KB - Virtual size: 24KB