fad2037e0d10b174af797b054aba2103_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fad2037e0d10b174af797b054aba2103_JaffaCakes118
Size

2.2MB
MD5

fad2037e0d10b174af797b054aba2103
SHA1

a61b896464106ffb3a21ef090a2adaf2a4ffd09a
SHA256

3e082958e962b13c90d82d1370e24eec4697e3cd987f0f698bba482bf3a623d8
SHA512

0e5b09eecef6f9b58ae03445fdfdb940a9a4e64a46ee75167135f7e545f9e2f6ac66a153c986f75129ed91cca2d22b40e29a6843b89e23ca1c2557b09a262c22
SSDEEP

49152:6FIKSj8ifDyE79rTQQw4O5YaARMausnTBZfC6f+hWXss/FFRt:6F7Sj3NlwUaZ/sT+6fbsSF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fad2037e0d10b174af797b054aba2103_JaffaCakes118

Files

fad2037e0d10b174af797b054aba2103_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b095585a3d90a888356590bd7e2a23c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetDriveTypeA
GetConsoleCursorInfo
SetProcessPriorityBoost
LocalHandle
CreateSemaphoreA
CreateFileMappingA
GlobalFree
GetThreadSelectorEntry
WaitForMultipleObjects
MoveFileWithProgressA
MultiByteToWideChar
SetConsoleInputExeNameA
GetEnvironmentVariableA
LocalAlloc
SetInformationJobObject
DeleteTimerQueueTimer
GetConsoleCommandHistoryA
GetProcessIoCounters
IsBadReadPtr
GetTempPathA
GetConsoleTitleA
OpenJobObjectA
EndUpdateResourceA
GetConsoleTitleA
GetModuleFileNameA
GetVolumePathNameA
LZStart
GetProcessWorkingSetSize
GetFileType
OpenProcess
GetLocaleInfoA
OpenWaitableTimerA
ExpandEnvironmentStringsA
EnumSystemLocalesA
GetCPInfoExA
SetTapePosition
FlushFileBuffers
GlobalFindAtomA
SetThreadExecutionState
DefineDosDeviceA
OpenFile
WriteProfileStringA
FlushConsoleInputBuffer
GetCommModemStatus
WriteProfileSectionA
VirtualAlloc
GetSystemTimes
WriteConsoleOutputA
ReadConsoleInputA
LoadLibraryExA
SetHandleInformation
GetPrivateProfileSectionA
GetComputerNameA
GetLocaleInfoA
EnumResourceLanguagesA
GetComputerNameExA
RaiseException
ClearCommError
UpdateResourceA
UpdateResourceA
GetConsoleTitleA
UnlockFile
SetConsoleKeyShortcuts
GetDiskFreeSpaceExA
GetProcessHeaps
GetAtomNameA
GetConsoleAliasesLengthA
GetDefaultCommConfigA
WriteConsoleOutputCharacterA
OpenFileMappingA
OpenEventA
GetConsoleCursorMode
ReadConsoleOutputAttribute
lstrcatA
SetHandleInformation
SearchPathA
QueryDosDeviceA
GetSystemWindowsDirectoryA
IsBadCodePtr
PulseEvent
FindAtomA
WritePrivateProfileSectionA
GetVolumePathNameA
GetSystemTimeAdjustment
ExitProcess
QueryDosDeviceA
FindFirstFileA
GetComPlusPackageInstallStatus
GetLocalTime
SetFileAttributesA
FlushViewOfFile
_hread
GetWindowsDirectoryA
GetConsoleTitleA
lstrcmpiA
CopyFileExW
GetBinaryTypeA
GetConsoleMode
GetVolumeNameForVolumeMountPointA
Module32Next
ClearCommBreak
GetOverlappedResult
DeleteVolumeMountPointA
OpenProcess
WritePrivateProfileStructA

gdi32

ChoosePixelFormat
GetDeviceCaps

dhcpsapi

DhcpDeleteServer

opengl32

wglMakeCurrent

dsound

DirectSoundCreate8
DirectSoundCaptureCreate8

Exports

Exports

Atkwmqdvuy
CloseSmqikqe
WriteAnfvjbnuikw
OpenObyevrfedhw
Xxpkiwrpy
Neoumfdi
CloseXcakpphe
Efimvotwbef
BeginVctkdjvt
Pavfqqjda
AddTehyaocsy
Xbjkjgw

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 19.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b095585a3d90a888356590bd7e2a23c4

Headers

File Characteristics

Imports

kernel32

gdi32

dhcpsapi

opengl32

dsound

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 1.1MB - Virtual size: 19.4MB

.idata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 332B

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 1.1MB - Virtual size: 19.4MB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 332B

.rsrc
Size: 29KB - Virtual size: 28KB