278685c84608c1797393a644b5db1626_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

278685c84608c1797393a644b5db1626_JaffaCakes118
Size

215KB
MD5

278685c84608c1797393a644b5db1626
SHA1

c732c51bf40b1374d6f69d53a51e197025eb26f6
SHA256

c0ecbb725272b66cc25cbb1e2df0cbc87a37d6d0445f5abfa79cdb82b2b7a0bd
SHA512

6a8b7c1b6b338acec40273bfe16ddd035ecd2188a9ea3dd92315f2dd661435026026531d930988269cdfa59674585f3eeaf886a01865301581576812f7dcb62b
SSDEEP

3072:56P4nSmn+P5WH3yXMoW5tR4oTt9LK5M94XdUNPtT3Tqn9A8I/GxoW0BUtehk0Bzp:o4pn+Yyo5tZTt9em4XgFT3XpG/KCuv9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
278685c84608c1797393a644b5db1626_JaffaCakes118

Files

278685c84608c1797393a644b5db1626_JaffaCakes118
.exe windows:4 windows x86 arch:x86

360a4f496f936939568a54ab393b777e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragShowNolock
ImageList_SetDragCursorImage
CreatePropertySheetPageW
PropertySheetA

advapi32

MapGenericMask
GetUserNameA
CryptDestroyHash
CryptSetProvParam
SetServiceStatus
RegSaveKeyW
BuildTrusteeWithNameW
StartServiceA
RegSaveKeyA
QueryServiceConfigW
CloseEventLog
InitializeSecurityDescriptor
AllocateAndInitializeSid
IsValidAcl
GetNamedSecurityInfoA
InitiateSystemShutdownA
GetExplicitEntriesFromAclW
RegEnumKeyA
InitializeSid
RegSetValueExA
CryptGetProvParam
ObjectDeleteAuditAlarmW

kernel32

FillConsoleOutputCharacterA
SetCommMask
FormatMessageW
SetNamedPipeHandleState
GetFileType
FindNextChangeNotification
FileTimeToLocalFileTime
GetHandleInformation
WriteProcessMemory
FreeEnvironmentStringsA
PurgeComm
LoadResource
QueryDosDeviceW
CreateNamedPipeW
GetACP
GetConsoleMode
GetModuleFileNameW
GetProfileStringA
GetModuleHandleA
GetStartupInfoA
VirtualAlloc
lstrlenA
GetLargestConsoleWindowSize
SuspendThread
IsBadReadPtr
GetConsoleCursorInfo
EnumSystemCodePagesW
IsValidLocale
_lread
LocalLock
ExpandEnvironmentStringsW
WritePrivateProfileStringW
WriteConsoleOutputW
ExitProcess
CreateMutexW
ReleaseSemaphore
GetCurrentProcessId
VirtualQueryEx
GetDiskFreeSpaceW
_lopen

user32

GetSystemMetrics
InflateRect
ScrollWindow
OpenDesktopW
CreateWindowStationW
EnumClipboardFormats
MonitorFromWindow
CopyAcceleratorTableA
SetThreadDesktop
ShowOwnedPopups
LoadCursorW
SetScrollInfo
GetKeyboardLayout
DispatchMessageA
BeginPaint
ChildWindowFromPointEx
SendNotifyMessageW
InsertMenuW
GetClassInfoExW
MapWindowPoints
ToUnicodeEx
MsgWaitForMultipleObjectsEx
MonitorFromPoint
DialogBoxParamW
UnregisterHotKey
GetMenuInfo
GetDesktopWindow

gdi32

SetMapperFlags
CreateDCW
PathToRegion
SetAbortProc
PolylineTo
GetTextMetricsW
FillPath
AbortDoc
GetTextExtentPointW
CreatePen
SetBrushOrgEx
EndPath
LineTo
GetEnhMetaFilePaletteEntries
StretchDIBits
SetArcDirection
CreateSolidBrush
StrokeAndFillPath
SelectObject

version

VerInstallFileA
GetFileVersionInfoA
VerQueryValueA

oleaut32

SafeArrayRedim

ole32

OleRegGetMiscStatus
CoRegisterMallocSpy

msvcrt

_ui64tow
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_pipe
_wfreopen
iswxdigit
wcsspn
_splitpath
vwprintf
fputwc
strspn
isupper
_chmod
iswalnum
wcscmp
strtod
toupper
strftime
_fdopen
_waccess
_unlink
fclose
_ismbcdigit
_getche
system
_stat
_mbscmp
_wgetcwd
fwprintf
wcslen
_chsize
isspace
atol
_errno
iswspace
fwrite
_fullpath
_ismbblead
asctime
fwscanf
strpbrk
fflush
wcscspn
_mbsnbcmp
_i64tow
_fcvt
rand
wcstok
_isatty
_open
_putws
gmtime
swscanf
fgets
_wsplitpath
_tell
_mbscpy
_kbhit
floor
tmpnam
_mbsdec

Sections

.text
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

360a4f496f936939568a54ab393b777e

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

user32

gdi32

version

oleaut32

ole32

msvcrt

Sections

.text Size: 197KB - Virtual size: 197KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 11KB

.text
Size: 197KB - Virtual size: 197KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 11KB