28263225bc3d698122e7f8408c76d32d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28263225bc3d698122e7f8408c76d32d_JaffaCakes118
Size

260KB
MD5

28263225bc3d698122e7f8408c76d32d
SHA1

843b2bc62a368e1961a943459a398e49fdba6007
SHA256

ff82c10358c68742a5f9d629776ecc0781eef3fcfb6355da798e3d2cdb5cf9c2
SHA512

1ea853d5e3ed9d716c9051c7dd1d8bdf53e416b1391d5f68ced5e2840cd8f9df4248905d7d9925f2051d174837e51ffbec7882b89b1498ddf54819c041179a1f
SSDEEP

6144:vPx74pibUXpnsRLlbJNJ/vwFlJgc8s+D:nx7qGewh0e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28263225bc3d698122e7f8408c76d32d_JaffaCakes118

Files

28263225bc3d698122e7f8408c76d32d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3dbb4643758c0a9dd2fb0f833289b2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetCharWidthW
DeleteDC
GetSystemPaletteUse
FillRgn
PlayEnhMetaFileRecord
EnumEnhMetaFile
SetMapMode
ScaleWindowExtEx

winspool.drv

DeletePrinterDriverA
DocumentPropertiesW
ClosePrinter

oleaut32

SysStringLen

kernel32

GetNumberFormatW
IsBadReadPtr
GetShortPathNameW
GetVersionExW
TlsGetValue
WriteFile
FileTimeToDosDateTime
TlsAlloc
VirtualQuery
TlsSetValue
HeapDestroy
InterlockedCompareExchange
OpenFileMappingA
DeleteFileW
WritePrivateProfileStringA
IsValidLocale
GetTimeZoneInformation
GetPrivateProfileIntA
GetACP
FindResourceExA
SetFileTime
LoadLibraryA
GetUserDefaultLangID
Sleep
SetEndOfFile
GlobalFindAtomA
GetSystemDefaultLangID
FindNextChangeNotification
GetLogicalDriveStringsW
GlobalAddAtomW
LoadLibraryW
_lread
Beep
MulDiv
GlobalFree
lstrcmpW
_lopen
GetSystemDirectoryA
GlobalUnlock
OpenEventW
lstrcpyA
EnumResourceLanguagesW
SetFileAttributesA
GlobalGetAtomNameA
HeapSetInformation
ConvertDefaultLocale
GetLongPathNameW
InterlockedIncrement
GetSystemDefaultUILanguage
SetFilePointer
UnlockFile
SetFilePointerEx
RemoveDirectoryW
GetFullPathNameA
DeleteFileA
LocalLock
lstrcatW
HeapFree
SetFileAttributesW
GetPrivateProfileStringW
GetSystemDefaultLCID
IsValidCodePage
GetEnvironmentVariableW
GetTempFileNameW
GetDiskFreeSpaceExW
EnterCriticalSection
OutputDebugStringW
FindResourceExW
CompareStringA
FlushFileBuffers
VirtualQueryEx
GetLocaleInfoA
IsBadWritePtr
GlobalAddAtomA
VirtualAlloc
GetModuleHandleA
HeapSize
GetStartupInfoA

shell32

ExtractIconA
SHGetMalloc
ShellExecuteExW
SHGetFolderPathW
SHGetPathFromIDListA

version

VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA

shlwapi

PathGetDriveNumberW

user32

EnumClipboardFormats
IsWindow
GetWindowTextA
SendDlgItemMessageW
LoadAcceleratorsW
RegisterClassW
DrawMenuBar
LoadKeyboardLayoutA
CreateDialogParamA
GetKeyboardState
GetClassLongA
PostThreadMessageW
UnregisterDeviceNotification
DrawTextExW
SetProcessDefaultLayout
GetClassInfoW
GetMessagePos
VkKeyScanW
FindWindowW
CreatePopupMenu
TabbedTextOutW
ModifyMenuA
LoadStringW
PostThreadMessageA
MapVirtualKeyW
TrackMouseEvent
IsDlgButtonChecked
SetClassLongA
EnableScrollBar
GetMenu
IntersectRect
CharUpperBuffW
GetDCEx

advapi32

CryptGetHashParam
GetSecurityDescriptorOwner
RegisterEventSourceW
RegDeleteKeyA
MakeSelfRelativeSD
DuplicateTokenEx
RegDeleteValueA
RegEnumKeyExA
RegSetValueA
MakeAbsoluteSD
AccessCheck
ReportEventA
RevertToSelf
RegOpenKeyExW
ReportEventW

msvcrt

malloc
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_ismbblead
_iob
towupper
exit
atol
_errno
_exit
isspace
towlower
sprintf
_setmbcp
_wsplitpath
iswspace
iswdigit
wcstol
_wcsupr
_ecvt
bsearch
_wtoi64
iswalnum
ctime
_vsnwprintf
qsort
_wcsicmp
wcspbrk
floor
wcsncpy
_itow
_controlfp
_CxxThrowException
wcstoul
free
_strlwr
fread
wcstod
_beginthreadex
memmove
_except_handler3
__set_app_type
__p__fmode
_stricmp
atoi
_msize
wcsrchr
_cexit
fclose
rand
setlocale
wcsncmp
__p__commode

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f3dbb4643758c0a9dd2fb0f833289b2c

Headers

File Characteristics

Imports

gdi32

winspool.drv

oleaut32

kernel32

shell32

version

shlwapi

user32

advapi32

msvcrt

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 16KB - Virtual size: 15KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 16KB - Virtual size: 15KB