Static task: static1
Behavioral task: behavioral1
Sample: 394c48d59c26488118a15d642f4f07b8_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 394c48d59c26488118a15d642f4f07b8_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 394c48d59c26488118a15d642f4f07b8_JaffaCakes118
Size: 204KB
MD5: 394c48d59c26488118a15d642f4f07b8
SHA1: a7b4673e2d9095271c8632e3fff64424b539907b
SHA256: e55b82a003d49734b74ee3e13252663c7faba2e344441a1a0d47532419a7371a
SHA512: 61f798ca7514ced1b125b9c7287708caa3cae5c06c6bd4d134c593f440abf359b32d5ab62c9fd209149a85fb3056573c5efcdcf2139162f6f8a7662ec049a053
SSDEEP: 3072:FOJH8C1bEWgUfWcXwQmrmAjJMNFOtlgrvQhpZ0naLjIc/7P/khAdbXlXO/:IJJw9EiljJMNFOt8iv9IFAdbQ/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 394c48d59c26488118a15d642f4f07b8_JaffaCakes118
Files
394c48d59c26488118a15d642f4f07b8_JaffaCakes118.exe windows:4 windows x86 arch:x86
0bb16067e3e6d128691102330c0a3e80
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
shell32
Shell_NotifyIconW
ShellExecuteA
DragAcceptFiles
SHAddToRecentDocs
FindExecutableA
SHFileOperationA
DragQueryPoint
DragFinish
SHChangeNotify
ole32
OleSave
OleSetContainedObject
CoMarshalInterface
ReadClassStm
CoFreeUnusedLibraries
kernel32
SetConsoleMode
GetOverlappedResult
GetHandleInformation
EnumResourceNamesW
SetThreadAffinityMask
GetModuleHandleA
SetProcessShutdownParameters
FormatMessageA
IsBadStringPtrA
SetConsoleCursorPosition
EraseTape
IsBadReadPtr
WritePrivateProfileStructA
IsBadWritePtr
SetTimeZoneInformation
AllocConsole
SetHandleCount
CreateDirectoryExA
CompareStringA
GetPrivateProfileStringA
DuplicateHandle
CreateFileW
GetFileAttributesExA
LeaveCriticalSection
LocalReAlloc
_lopen
LocalSize
GetSystemTimeAsFileTime
ReleaseMutex
SetCurrentDirectoryA
GetNumberFormatW
LCMapStringA
QueryDosDeviceW
GetCommConfig
SetConsoleOutputCP
WriteProcessMemory
GetOEMCP
SetCommMask
lstrcmpiA
GetConsoleCursorInfo
EnumCalendarInfoA
GetFileInformationByHandle
ReadConsoleInputW
Beep
CreateDirectoryW
FindNextChangeNotification
CreateMutexW
ReadDirectoryChangesW
DebugBreak
UnmapViewOfFile
GlobalFindAtomW
VirtualUnlock
CreateNamedPipeW
GetCPInfo
CreateIoCompletionPort
CreateWaitableTimerA
_llseek
FreeLibrary
GetLongPathNameA
FindResourceExW
GetBinaryTypeW
ClearCommBreak
EnumResourceLanguagesW
SwitchToFiber
FatalAppExitA
ExitThread
OutputDebugStringA
GetShortPathNameA
DosDateTimeToFileTime
GetThreadPriority
DeleteFiber
lstrcmpiW
SetEvent
FindResourceExA
LoadLibraryExA
WritePrivateProfileStringW
IsProcessorFeaturePresent
GetLargestConsoleWindowSize
CreatePipe
_lclose
SetProcessAffinityMask
GetCommModemStatus
GenerateConsoleCtrlEvent
ExitProcess
ReadFile
SetEndOfFile
GetUserDefaultLangID
LocalAlloc
MultiByteToWideChar
GetSystemTime
VirtualAlloc
lstrlenA
GetCommandLineA
PurgeComm
EnumSystemCodePagesA
DeleteCriticalSection
FindFirstFileW
GetPrivateProfileStringW
FreeEnvironmentStringsA
GlobalAddAtomW
RemoveDirectoryW
OutputDebugStringW
RemoveDirectoryA
GetTapeStatus
PrepareTape
CreateMutexA
GetFileType
SearchPathW
EnumTimeFormatsW
GetTimeZoneInformation
IsDBCSLeadByteEx
GetEnvironmentVariableW
GlobalAddAtomA
GetProfileStringA
GlobalUnlock
LocalFileTimeToFileTime
GetCompressedFileSizeW
FindFirstFileExW
gdi32
SetTextJustification
CreatePolygonRgn
PlayMetaFileRecord
GdiFlush
SetMapMode
SetSystemPaletteUse
SetColorAdjustment
CopyMetaFileW
RectVisible
ExtFloodFill
FillPath
GetTextExtentPoint32W
SetPolyFillMode
TextOutA
StretchDIBits
GdiComment
PlayEnhMetaFileRecord
oleaut32
SysAllocStringLen
SafeArrayPutElement
SafeArrayRedim
VariantCopy
VariantChangeType
SysFreeString
SafeArrayGetLBound
SafeArrayGetElement
comctl32
CreateStatusWindowW
ImageList_DrawIndirect
ImageList_GetIconSize
user32
SendInput
GetDlgItemTextW
MonitorFromRect
LoadKeyboardLayoutW
SetWindowsHookExW
RegisterClipboardFormatW
IsWindow
InSendMessage
SendDlgItemMessageW
EqualRect
GetTabbedTextExtentW
GetMenuItemID
BroadcastSystemMessageA
SetDlgItemTextA
CreateIcon
ValidateRgn
DispatchMessageA
RegisterHotKey
UnhookWindowsHookEx
CloseWindow
InsertMenuA
GetPropA
SetClipboardViewer
WinHelpA
CheckDlgButton
LoadBitmapA
CheckMenuRadioItem
DefDlgProcW
GetWindowDC
OffsetRect
GetAsyncKeyState
BroadcastSystemMessageW
DrawTextExW
GetSystemMenu
CreatePopupMenu
DispatchMessageW
CheckRadioButton
FlashWindowEx
OpenDesktopW
InvertRect
PostMessageW
DestroyIcon
DestroyCursor
ChangeDisplaySettingsA
CreateAcceleratorTableW
SetSysColors
LoadCursorA
IsCharLowerA
SetCursorPos
GetClipboardFormatNameA
GetGuiResources
DefFrameProcW
SetProcessWindowStation
TranslateAcceleratorW
SetProcessDefaultLayout
GetWindowTextW
CountClipboardFormats
DrawTextW
EnumDesktopsA
LoadAcceleratorsW
CharToOemBuffA
advapi32
DeleteService
CryptGetKeyParam
CryptGenKey
GetNamedSecurityInfoW
FreeSid
LookupPrivilegeNameA
RegSetKeySecurity
GetUserNameW
SetNamedSecurityInfoW
GetSecurityDescriptorLength
QueryServiceConfigA
RegDeleteValueW
RegReplaceKeyW
IsValidSecurityDescriptor
GetNamedSecurityInfoA
CryptSetHashParam
ImpersonateNamedPipeClient
PrivilegeCheck
ImpersonateSelf
SetPrivateObjectSecurity
RegConnectRegistryA
EnumDependentServicesA
CryptSignHashW
DestroyPrivateObjectSecurity
AddAccessDeniedAce
GetSecurityDescriptorControl
CopySid
ObjectCloseAuditAlarmA
UnlockServiceDatabase
OpenSCManagerW
GetFileSecurityA
AllocateAndInitializeSid
QueryServiceLockStatusW
GetSidSubAuthorityCount
CryptGetUserKey
RegSetValueExA
LogonUserW
CryptDeriveKey
RegConnectRegistryW
CryptGetProvParam
RegCreateKeyExW
msvcrt
_memicmp
wcscoll
putchar
fscanf
_spawnlp
wcstombs
_mbctolower
vprintf
wcscat
difftime
_wfsopen
_wsplitpath
_mbslwr
_mbsicmp
asctime
_popen
_mbschr
_fileno
_chsize
_get_osfhandle
remove
_spawnvp
getc
fflush
Sections
.text Size: 192KB - Virtual size: 190KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ