f9df534c02ad98f9311b3d87b25388e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9df534c02ad98f9311b3d87b25388e3_JaffaCakes118
Size

124KB
MD5

f9df534c02ad98f9311b3d87b25388e3
SHA1

b3b7464c3e31f54eebd2a37b5aadef8e8174f1f7
SHA256

dd201f8ed4243e555990c9eeb7be7160de389981b4d1d9e804ad9ac0847eeaf6
SHA512

3d272387c6876224641b1b406ceb4cee8d790ef92b06ff2be4e8bb619d34b979ca4e879f63b9104a4ed584ddb41a0e7e8ec87d7d0c0231ee2aab3402cfb87dee
SSDEEP

1536:/CBnl0puybMdDvvqdoNLTyf/YHf22yhOcC3wLfFlduhMrLWseVYnr4hz78m5liX5:CjtDvvCr2XwfFlMG+mAzPntl3Ti9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9df534c02ad98f9311b3d87b25388e3_JaffaCakes118

Files

f9df534c02ad98f9311b3d87b25388e3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4f62cf6ef1bafcd6fe982bf29183d213

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memmove
NtGetDevicePowerState

msvcrt

_XcptFilter
_exit
_c_exit
time
localtime
_cexit
iswctype
_except_handler3
_wtol
wcsncmp
_snwprintf
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
wcsncpy

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetLocalTime
GetUserDefaultLCID
GetDateFormatW
GetTimeFormatW
GlobalLock
GlobalUnlock
GetFileInformationByHandle
CreateFileMappingW
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GlobalFree
GetLocaleInfoW
LocalFree
LocalAlloc
lstrlenW
LocalUnlock
CompareStringW
LocalLock
FoldStringW
CloseHandle
lstrcpyW
ReadFile
CreateFileW
lstrcmpiW
GetCurrentProcessId
GetProcAddress
GetCommandLineW
lstrcatW
FindClose
FindFirstFileW
GetFileAttributesW
lstrcmpW
MulDiv
lstrcpynW
LocalSize
GetLastError
WriteFile
SetLastError
WideCharToMultiByte
LocalReAlloc
FormatMessageW
GetUserDefaultUILanguage
SetEndOfFile
DeleteFileW
GetACP
UnmapViewOfFile
MultiByteToWideChar
MapViewOfFile
UnhandledExceptionFilter

gdi32

EndPage
AbortDoc
EndDoc
DeleteDC
StartPage
GetTextExtentPoint32W
CreateDCW
SetAbortProc
GetTextFaceW
TextOutW
StartDocW
EnumFontsW
GetStockObject
GetObjectW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
GetTextMetricsW
SetBkMode
LPtoDP
SetWindowExtEx
SetViewportExtEx
SetMapMode
SelectObject

user32

CreateWindowExA
GetSystemMenu
ChangeMenuA
DefWindowProcA
PostQuitMessage
RegisterClassA
DdeNameService
DdeGetData
DdeCmpStringHandles
DdePostAdvise
LoadCursorA
LoadIconA
ShowWindow
GetMessageA
DispatchMessageA
TranslateMessage
PostMessageA
RegisterWindowMessageA
DdeCreateDataHandle
wsprintfA
DdeCreateStringHandleA
DdeFreeStringHandle
DdeGetLastError
DdeInitializeA
DdeUninitialize
DdeDisconnect
PeekMessageA

Sections

.text
Size: 59KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 698KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f62cf6ef1bafcd6fe982bf29183d213

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

msvcrt

advapi32

kernel32

gdi32

user32

Sections

.text Size: 59KB - Virtual size: 57KB

.data Size: 272KB - Virtual size: 698KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 59KB - Virtual size: 57KB

.data
Size: 272KB - Virtual size: 698KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 13KB - Virtual size: 13KB