01b7bc7b7efdb468b5a71517ff3739d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01b7bc7b7efdb468b5a71517ff3739d7_JaffaCakes118
Size

2.3MB
MD5

01b7bc7b7efdb468b5a71517ff3739d7
SHA1

2429b523ce49f93c28986bea1c2d318bafc94634
SHA256

19f2cbea289ce1a5acb1d5ce909c27e132c968d2c1b8654cfca655d6c5bf6ae2
SHA512

ccb1c46c7937ec5cbb5b25e4c714545119dda9181f6afef6f6c0474b8ea1e6465d39227d4f8b8c935428baef5e875a2a873175ca974b5ba08737a720f696bb40
SSDEEP

24576:HiMVVHsEP9MVrneB9SpUmswGUge+xUyDZ21Z9fMQfe4:CWVHsEPSVijm0casME

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01b7bc7b7efdb468b5a71517ff3739d7_JaffaCakes118

Files

01b7bc7b7efdb468b5a71517ff3739d7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b9c096d99ac01e4ed16727729b7ce2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey

kernel32

GlobalUnlock
GlobalFree
VirtualAlloc
HeapReAlloc
FreeEnvironmentStringsW
SwitchToThread
GetLastError
DeleteCriticalSection
WaitForMultipleObjects
GetFileType
MulDiv
GetSystemTime
GetSystemRegistryQuota
LoadLibraryW
GetStartupInfoW
GetCommandLineW
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetFullPathNameW
CreateFileW
FindNextChangeNotification
IsValidCodePage
CompareStringW
GetLocaleInfoW
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
CloseHandle
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStdHandle
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
ExitProcess
DecodePointer
GetCurrentThreadId
RaiseException
EncodePointer
SetLastError

shlwapi

StrRChrW
StrStrIW
PathAppendW
PathFindFileNameW
PathIsUNCServerW
PathRemoveBackslashW
PathRemoveExtensionW
PathRemoveFileSpecW
PathSkipRootW
PathStripToRootW
UrlUnescapeW
PathCreateFromUrlW
SHCreateStreamOnFileW
SHCreateStreamOnFileEx
SHAutoComplete
StrChrIW
StrChrW
StrCmpNW

winspool.drv

EnumMonitorsW

user32

LoadAcceleratorsW
EnableMenuItem
CharNextW
CheckDlgButton
GetDlgItemTextW
GetDlgItemInt
MoveWindow
GetClassInfoW
RegisterClassW
DrawFrameControl
GetKeyboardLayout
GetMenuItemCount
InsertMenuW
ModifyMenuW
SetMenuDefaultItem
GetWindowDC
ReleaseDC
GetUpdateRect
GetScrollPos
MessageBoxW
MessageBeep
GetCursorPos
HideCaret
FindWindowW
CopyIcon
LoadStringW
MapDialogRect
GetMonitorInfoW
GetFocus
GetClassNameW

mprapi

MprConfigInterfaceTransportRemove
MprConfigInterfaceDelete
MprConfigInterfaceCreate
MprConfigTransportGetInfo
MprConfigTransportDelete
MprConfigTransportCreate
MprConfigServerDisconnect
MprConfigServerConnect

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 895KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.911i
Size: 529KB - Virtual size: 529KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eo53i
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aaho
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ui6p74
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b9c096d99ac01e4ed16727729b7ce2b

Headers

File Characteristics

Imports

advapi32

kernel32

shlwapi

winspool.drv

user32

mprapi

Sections

.text Size: 77KB - Virtual size: 77KB

.data Size: 895KB - Virtual size: 7.5MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.911i Size: 529KB - Virtual size: 529KB

.eo53i Size: 264KB - Virtual size: 264KB

.aaho Size: 202KB - Virtual size: 201KB

.ui6p74 Size: 218KB - Virtual size: 217KB

.rsrc Size: 130KB - Virtual size: 129KB

.text
Size: 77KB - Virtual size: 77KB

.data
Size: 895KB - Virtual size: 7.5MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.911i
Size: 529KB - Virtual size: 529KB

.eo53i
Size: 264KB - Virtual size: 264KB

.aaho
Size: 202KB - Virtual size: 201KB

.ui6p74
Size: 218KB - Virtual size: 217KB

.rsrc
Size: 130KB - Virtual size: 129KB