16efbebf1a14ac38a46c9d09158b10c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16efbebf1a14ac38a46c9d09158b10c7_JaffaCakes118
Size

821KB
MD5

16efbebf1a14ac38a46c9d09158b10c7
SHA1

9df78cb858a5e7a1de0795e12fb34f2aeead0239
SHA256

70cc82e6afea5f2573a7ffaed0fa07db5a4b78249c11ca3ed7028a1013f45b3e
SHA512

96b5a16b143cf0f40e2c91815a8802315e074c66dc3bd3ed027643df408a34a8fc5b2d2ebb24ce1116b16d94e6bbe898f5a4e5daf5eaf7740781416d5f6a397b
SSDEEP

12288:3TAd5EnPhdy8OqCP+wIqjd89CYJjbdDK2t4+XNdzq3EQPd+u5XKFjk6:sdaPLDOfBnZIjRx6mfzq3EQ1+aaFj5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16efbebf1a14ac38a46c9d09158b10c7_JaffaCakes118

Files

16efbebf1a14ac38a46c9d09158b10c7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

44e29a20a62e913dee1b2e98b09706e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
FileTimeToSystemTime
DeleteFileW
FindClose
IsValidCodePage
WideCharToMultiByte
GetLastError
GetCurrentThreadId
HeapSize
HeapFree
HeapAlloc
FindNextFileW
VirtualAlloc
MultiByteToWideChar
LCMapStringW
IsProcessorFeaturePresent
HeapReAlloc
RtlUnwind
GetOEMCP
GetACP
GetCPInfo
Sleep
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStringTypeW
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
GetCommandLineW
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegSetValueExW

user32

GetCursorPos
PeekMessageW
GetMonitorInfoW
DrawIconEx
DestroyIcon
CreateIcon
FindWindowExW
FindWindowW
InvertRect
GetSysColorBrush
RegisterClassW
SetWindowRgn
CharNextW
CharLowerW
SetDlgItemTextW
GetDlgItemInt
ShowOwnedPopups
GetKeyboardLayout

wininet

InternetCrackUrlW
HttpOpenRequestW

setupapi

CM_Get_Parent_Ex
CM_Get_Parent
CM_Get_DevNode_Status
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_IDW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiGetClassDevsExW
SetupDiGetClassDevsW
SetupDiGetSelectedDriverW
SetupDiEnumDriverInfoW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupGetStringFieldW
SetupGetFieldCount
SetupGetLineCountW
SetupFindNextLine
SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW
CM_Get_Device_ID_ExW

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.m44is
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e1t5l
Size: 301KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

44e29a20a62e913dee1b2e98b09706e2

Headers

File Characteristics

Imports

kernel32

advapi32

user32

wininet

setupapi

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 7.3MB

.m44is Size: 441KB - Virtual size: 440KB

.e1t5l Size: 301KB - Virtual size: 303KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 7.3MB

.m44is
Size: 441KB - Virtual size: 440KB

.e1t5l
Size: 301KB - Virtual size: 303KB