fe27b377e9edd9ecaccec493a2d15b2c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe27b377e9edd9ecaccec493a2d15b2c_JaffaCakes118
Size

10.1MB
MD5

fe27b377e9edd9ecaccec493a2d15b2c
SHA1

4b4897923a21b80153888d0861baa9bfea6bc02b
SHA256

cba35a2e5c88c4b433d635d3321516b95421c97a026a6b6eb19417884e1ffe50
SHA512

6a2fea03da9079b8d4614fcbf148454aa820cd0cdb5b59b8407b2b216f7f672f76001873fb82be0530cb013022d0bf7c9f9eacb145e777a5c95ad2195d78949e
SSDEEP

98304:K2UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU0:K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe27b377e9edd9ecaccec493a2d15b2c_JaffaCakes118

Files

fe27b377e9edd9ecaccec493a2d15b2c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5df7fcee9d56b838e7defe1e8f1c7195

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetSystemDirectoryW
GetSystemWindowsDirectoryA
DeleteVolumeMountPointW
LeaveCriticalSection
GetFileAttributesA
SetConsoleMode
Beep
WritePrivateProfileSectionW
GetTimeZoneInformation
MultiByteToWideChar
lstrlenW
GetStdHandle
GetLongPathNameW
GetThreadLocale
GetProcAddress
CreateJobSet
ReadFileEx
RemoveDirectoryA
PrepareTape
GetVolumePathNameW
CreateFileMappingA
LocalAlloc
IsWow64Process
WritePrivateProfileStringA
LockResource
HeapLock
FindNextFileA
WriteProfileStringA
GetModuleHandleA
VirtualProtect
GetConsoleCursorInfo
OpenSemaphoreW
AreFileApisANSI
CommConfigDialogW
ReadConsoleW
ReadFile
SetEndOfFile
CreateFileW
TlsSetValue
GetDateFormatA
GetWindowsDirectoryA
ConvertFiberToThread
GetTickCount
GetCommProperties
FindFirstFileExW
FlushConsoleInputBuffer
FindCloseChangeNotification
InterlockedCompareExchange
HeapFree
CreateJobObjectW
WritePrivateProfileSectionA
GetStringTypeA
lstrlenA
DebugActiveProcess
CreateMutexW
GetFileSize
FillConsoleOutputCharacterA
GetTempFileNameW
GetComputerNameA
RegisterWaitForSingleObject
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
DeleteCriticalSection
GetStringTypeW
GetLastError
GetCommandLineW
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
GetProcessHeap
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
HeapSize
CloseHandle
GetFileType
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryExW
SetStdHandle
FlushFileBuffers
OutputDebugStringW
WriteConsoleW

user32

GetMenuInfo
GetClipboardSequenceNumber
GetMonitorInfoA

advapi32

QueryServiceStatus
ConvertToAutoInheritPrivateObjectSecurity
RegConnectRegistryA
ReportEventW
ObjectPrivilegeAuditAlarmW
SetKernelObjectSecurity
DuplicateTokenEx
GetAce
AddAuditAccessObjectAce
RegEnumKeyExA
PrivilegeCheck
CreateServiceA
EqualSid
LookupAccountNameA
RegQueryMultipleValuesW
DeleteAce
GetUserNameW
OpenEventLogW
ObjectOpenAuditAlarmA
RegSetValueA
LookupPrivilegeNameW

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9.8MB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5df7fcee9d56b838e7defe1e8f1c7195

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 93KB - Virtual size: 246KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 9.8MB - Virtual size: 7KB

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 93KB - Virtual size: 246KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 9.8MB - Virtual size: 7KB