139cb930a2c04675130bfbadf60b6d47_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

139cb930a2c04675130bfbadf60b6d47_JaffaCakes118
Size

2.2MB
MD5

139cb930a2c04675130bfbadf60b6d47
SHA1

6e681c5c4e1a2fd3469bc62114f4ea5e772099c2
SHA256

ce9c65b059f8a88e9c2818b2a728c3084bea2bdf645ce0766fcd87445b0d6b15
SHA512

d9e7059a5ff9307e2fe17edc9739cf233bdf335c6b2a7c92ebf30ddabb906b876d3ae764317aa17c9345077d8bebcfbad8d4de5087e1a00558c6bd65f598ef64
SSDEEP

12288:90pYHqAZLJqFHfNTIgLbRI/I3BBh+P8NmzLMdL+SrJXU/lHAOobr/ZwPMSXYwk4T:OqqJfRIg2/I3ho8AzoB1U/lgOG4X3q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
139cb930a2c04675130bfbadf60b6d47_JaffaCakes118

Files

139cb930a2c04675130bfbadf60b6d47_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d99e80732d1e51bc9ff01d1506983cfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
LeaveCriticalSection
GetFileType
SetCommConfig
GetSystemTime
FileTimeToSystemTime
FormatMessageW
CreateSemaphoreW
GetModuleHandleW
FreeEnvironmentStringsW
GetStartupInfoW
GetTempPathW
CreateFileW
GetFileAttributesW
DeleteFileW
IsValidCodePage
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
VirtualAlloc
LocalFree
LocalAlloc
GlobalAlloc
GetModuleHandleExW
GetVersion
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
EnterCriticalSection
GetOEMCP
GetACP
IsDebuggerPresent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CloseHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
DeleteCriticalSection
GetStdHandle
GetProcessHeap
MultiByteToWideChar
GetProcAddress
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess

advapi32

RegQueryValueExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteValueW
RegCloseKey
OpenSCManagerW

user32

GetKeyboardLayout
LoadStringW
LoadImageW
GetDesktopWindow
GetWindowLongW
FillRect
WindowFromPoint
ShowCaret
ValidateRgn
SetActiveWindow
GetMenuItemInfoW
TrackPopupMenu
EnableMenuItem
CreatePopupMenu
SetMenu
EnableWindow
BeginDeferWindowPos
GetClassInfoExW
PeekMessageW
DispatchMessageW
CloseDesktop

winspool.drv

SetPortW

setupapi

CM_Locate_DevNodeW
CM_Get_DevNode_Status
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiGetSelectedDriverW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoList
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupOpenFileQueue
SetupGetIntField
SetupGetStringFieldW
SetupGetFieldCount
SetupGetLineCountW
SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetDriverInfoDetailW

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 726KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hhn6tc
Size: 493KB - Virtual size: 493KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2n55bl
Size: 483KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rs03t
Size: 446KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d99e80732d1e51bc9ff01d1506983cfc

Headers

File Characteristics

Imports

kernel32

advapi32

user32

winspool.drv

setupapi

Sections

.text Size: 91KB - Virtual size: 91KB

.data Size: 726KB - Virtual size: 7.3MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.hhn6tc Size: 493KB - Virtual size: 493KB

.2n55bl Size: 483KB - Virtual size: 483KB

.rs03t Size: 446KB - Virtual size: 446KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 91KB - Virtual size: 91KB

.data
Size: 726KB - Virtual size: 7.3MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.hhn6tc
Size: 493KB - Virtual size: 493KB

.2n55bl
Size: 483KB - Virtual size: 483KB

.rs03t
Size: 446KB - Virtual size: 446KB

.rsrc
Size: 5KB - Virtual size: 4KB