07e723002117b1ba119e93645ef33e7c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07e723002117b1ba119e93645ef33e7c_JaffaCakes118
Size

1.2MB
MD5

07e723002117b1ba119e93645ef33e7c
SHA1

2e56106a1219751f8e2938829decba131d2fbaf5
SHA256

2d2fe013d670a59754c8126cea96b5fac88a842d1cc239ade5be3200c5426024
SHA512

5ba45882af130c83284f52b9cdf0d753d49efaca8310e7f261dbf89c6d4bc242502fcf674cbf17fac0fea085cf539be69b28aadb24f894cca5d0e0c1a8f91f84
SSDEEP

24576:fkAkD4QGhUi6AFjMT7vhw+t8T9VFiGbw/VRc8Rhno42rj:fktDQnIp98TXURcyhno42rj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e723002117b1ba119e93645ef33e7c_JaffaCakes118

Files

07e723002117b1ba119e93645ef33e7c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fe7b2ebf722547a32ad91a16d18c5db8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
GetTempPathW
GetFullPathNameW
FindFirstFileW
FindNextFileW
ExpandEnvironmentStringsW
QueryPerformanceCounter
GetCPInfoExW
GetThreadLocale
GetConsoleWindow
ReadFileScatter
GetNamedPipeInfo
FormatMessageW
CloseHandle
FindClose
SetEndOfFile
ReadFile
InitAtomTable
GetLastError
GetCurrentThreadId
GetEnvironmentStringsW
VirtualAlloc
LocalAlloc
MoveFileExW
GetProcAddress
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
GetCommandLineW
IsProcessorFeaturePresent
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
CreateFileW

crypt32

CertGetNameStringW
CertNameToStrW
CryptExportPKCS8
CertFindExtension
CertControlStore
CertAddStoreToCollection
CertGetCertificateContextProperty
CertCreateCertificateContext
CertEnumCertificatesInStore
CertOpenStore
CryptMsgUpdate
CryptDecodeObjectEx
CryptEncodeObject
CertGetCertificateChain

user32

DdeGetData
GetMonitorInfoW
CopyIcon
DrawIconEx
GetWindow
GetWindowLongW
IsRectEmpty
FrameRect
ShowCursor
RemovePropW
InvalidateRect
GetDC
DrawIcon
GetMenuItemInfoW
CheckMenuItem
LoadAcceleratorsW
MsgWaitForMultipleObjectsEx
GetNextDlgTabItem
GetDlgItem
EndDialog
IsIconic
ActivateKeyboardLayout

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2ekw
Size: 831KB - Virtual size: 834KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe7b2ebf722547a32ad91a16d18c5db8

Headers

File Characteristics

Imports

kernel32

crypt32

user32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 158KB - Virtual size: 6.7MB

.2ekw Size: 831KB - Virtual size: 834KB

.rsrc Size: 112KB - Virtual size: 112KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 158KB - Virtual size: 6.7MB

.2ekw
Size: 831KB - Virtual size: 834KB

.rsrc
Size: 112KB - Virtual size: 112KB