01297b3356763b0e50417e70db48985c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01297b3356763b0e50417e70db48985c_JaffaCakes118
Size

2.1MB
MD5

01297b3356763b0e50417e70db48985c
SHA1

f47a30a2a3a49b83f80f9e05227bf270ba8cbca3
SHA256

47127b2dcf6654063853c73747c3538e377fffc11351bf187e717ed56d30c7f1
SHA512

eed8f99de75dc5550b6570296c9c51148d2016a71a7afd62c9b7be3166b893e958e3e229327fbec3f80b52db14634f1a749875c7fc2ab597149a7f2d3ded18e7
SSDEEP

24576:7dyz2UWunD1isspHxfTGhJ5BpBqyuht5iQ/6oE1HWSt:7dNZMDIseyNqyAhoht

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01297b3356763b0e50417e70db48985c_JaffaCakes118

Files

01297b3356763b0e50417e70db48985c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d47d0b98f2809d41e8a8bcd5268725f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

ExpandEnvironmentStringsForUserW
GetUserProfileDirectoryW
UnregisterGPNotification
LeaveCriticalPolicySection

user32

SetDlgItemTextW
DefWindowProcW
DdeDisconnectList
ImpersonateDdeClientWindow
GetParent
GetSysColorBrush
GetScrollRange
SetScrollPos
GetSubMenu
CheckMenuItem
CharLowerW
CheckDlgButton
GetDlgItemTextW
ShowWindow
BringWindowToTop
IsIconic
BeginDeferWindowPos
MoveWindow
AnimateWindow
ExitWindowsEx

kernel32

SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
HeapFree
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
LocalAlloc
LocalSize
VirtualAlloc
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
LoadResource
FileTimeToLocalFileTime
PeekNamedPipe
lstrcmpW
OpenEventW
LoadLibraryExW
GetModuleHandleW
ExpandEnvironmentStringsW
FindResourceW
CreateFileW
GetVersionExW
GetOEMCP
GetCPInfo
GetLocaleInfoW
IsValidLocale
GetACP
DecodePointer
IsValidCodePage
IsDebuggerPresent
GetCommandLineW
RaiseException
EncodePointer
SetLastError
GetCurrentThreadId
CloseHandle
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsProcessorFeaturePresent

advapi32

RegOpenKeyExW

winspool.drv

EnumPortsW

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 498KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rs3n7r
Size: 534KB - Virtual size: 534KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ules3o
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ls20
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l6ey
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d47d0b98f2809d41e8a8bcd5268725f3

Headers

File Characteristics

Imports

userenv

user32

kernel32

advapi32

winspool.drv

Sections

.text Size: 135KB - Virtual size: 134KB

.data Size: 498KB - Virtual size: 7.5MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.rs3n7r Size: 534KB - Virtual size: 534KB

.ules3o Size: 202KB - Virtual size: 202KB

.ls20 Size: 263KB - Virtual size: 262KB

.l6ey Size: 126KB - Virtual size: 126KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 135KB - Virtual size: 134KB

.data
Size: 498KB - Virtual size: 7.5MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.rs3n7r
Size: 534KB - Virtual size: 534KB

.ules3o
Size: 202KB - Virtual size: 202KB

.ls20
Size: 263KB - Virtual size: 262KB

.l6ey
Size: 126KB - Virtual size: 126KB

.rsrc
Size: 362KB - Virtual size: 362KB