16f03539e65878d8893da363a50f8dd1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16f03539e65878d8893da363a50f8dd1_JaffaCakes118
Size

2.7MB
MD5

16f03539e65878d8893da363a50f8dd1
SHA1

5a80e95bcc2762a56a3acea35c8ddc0bdc915f71
SHA256

fa7e8d0729b9b7c13c5a3b973e40bc8bff368856140877113d4d1423839ff82a
SHA512

c3c5803d8212baac0fb59e6dff81f87ab1862534334189feb0f3433fbf67aba124b2ad23be0174ebb6b96fa77d1929b9f2c98687d9bb8c3c672f821e98397de3
SSDEEP

24576:CsjSIQWbEvEoePhqXT4LV6CRYEU7lj6N2CVUsmd:CsGEYzETRd0l2kC0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16f03539e65878d8893da363a50f8dd1_JaffaCakes118

Files

16f03539e65878d8893da363a50f8dd1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

051d443d62629f032e0ff8103d7d66a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegOpenKeyExW
RegSetValueExW
OpenSCManagerW
RegDeleteValueW

user32

FillRect
DestroyIcon
CopyIcon
WindowFromPoint
MonitorFromRect
GetListBoxInfo
GetScrollPos
ValidateRect
GetMenuItemInfoW
TrackPopupMenuEx
ModifyMenuW
CharUpperW
SetWindowPlacement
IsWindowVisible
GetLayeredWindowAttributes
WinHelpW
DefWindowProcW

mprapi

MprConfigInterfaceTransportRemove
MprConfigInterfaceTransportAdd
MprConfigInterfaceEnum
MprConfigInterfaceGetInfo
MprConfigInterfaceDelete
MprConfigTransportCreate
MprConfigInterfaceTransportGetHandle

winscard

SCardFreeMemory

mpr

WNetGetResourceInformationW
WNetGetLastErrorW

kernel32

MultiByteToWideChar
WriteConsoleW
SetFilePointerEx
LocalFree
VirtualAlloc
HeapDestroy
WaitForSingleObject
GetFileType
ClearCommBreak
FormatMessageW
lstrcmpiW
CreateMutexW
CreateFileMappingW
GlobalFindAtomW
CreateFileW
FindFirstFileW
CompareStringW
GetConsoleWindow
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
CloseHandle
WideCharToMultiByte
GetProcessHeap
GetStdHandle
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_Write
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Remove
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControlsEx
DestroyPropertySheetPage

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 531KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.34mn4
Size: 452KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.a11ok2
Size: 561KB - Virtual size: 561KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sbar
Size: 589KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5n6h2
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

051d443d62629f032e0ff8103d7d66a4

Headers

File Characteristics

Imports

advapi32

user32

mprapi

winscard

mpr

kernel32

comctl32

Sections

.text Size: 98KB - Virtual size: 97KB

.data Size: 531KB - Virtual size: 7.1MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.34mn4 Size: 452KB - Virtual size: 452KB

.a11ok2 Size: 561KB - Virtual size: 561KB

.sbar Size: 589KB - Virtual size: 588KB

.5n6h2 Size: 180KB - Virtual size: 179KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 98KB - Virtual size: 97KB

.data
Size: 531KB - Virtual size: 7.1MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.34mn4
Size: 452KB - Virtual size: 452KB

.a11ok2
Size: 561KB - Virtual size: 561KB

.sbar
Size: 589KB - Virtual size: 588KB

.5n6h2
Size: 180KB - Virtual size: 179KB

.rsrc
Size: 363KB - Virtual size: 362KB