f1445b3b217eae4eab8870266e7bb822_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f1445b3b217eae4eab8870266e7bb822_JaffaCakes118
Size

136KB
MD5

f1445b3b217eae4eab8870266e7bb822
SHA1

1672a84de87d2dfe016f66e8407cacadcd0a9882
SHA256

2ccd176e76d49f3b84be866cf9a07b49edebdb5d05b652e3c5732e731ace1bc2
SHA512

6f5a9b99e2c95776b4335b02b7c3e04bd9feb6375c5feffa5726c5101f3758c6b3121f9716c85364e6b2a34b0ea386a4f1b1f20ecbcf937414507f8a6f27c602
SSDEEP

3072:8scaDNXrq/CTfOqCbBrmtC1yeTCdBIDyzIiIRn:8shDNXrqaTrGhRMns1p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1445b3b217eae4eab8870266e7bb822_JaffaCakes118

Files

f1445b3b217eae4eab8870266e7bb822_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0aca6c1344ff074d9fa5c2ff272e0bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenInfFileA
SetupDiSetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyA
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupGetInfInformationA
SetupQueryInfVersionInformationA
SetupCopyOEMInfA
SetupDiClassGuidsFromNameA
SetupInstallFromInfSectionA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

newdev

UpdateDriverForPlugAndPlayDevicesA

shlwapi

SHDeleteEmptyKeyA

kernel32

GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetProcAddress
LoadLibraryA
FreeLibrary
GetWindowsDirectoryA
LocalFree
FormatMessageA
CloseHandle
GetCurrentProcess
GetModuleFileNameA
GetCurrentDirectoryA
CreateProcessA
FindNextFileA
FindFirstFileA
FindClose
RemoveDirectoryA
GetStringTypeA
FlushFileBuffers
SetEndOfFile
ReadFile
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLastError
GetStartupInfoA
HeapFree
RtlUnwind
GetModuleHandleA
ExitProcess
DeleteFileA
SetFileAttributesA
GetFileAttributesA
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapSize
CreateFileA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoA

user32

WaitForInputIdle

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
PrivilegeCheck
RegCreateKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0aca6c1344ff074d9fa5c2ff272e0bd

Headers

File Characteristics

Imports

setupapi

newdev

shlwapi

kernel32

user32

advapi32

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 48KB - Virtual size: 48KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 48KB - Virtual size: 48KB