172c4cadf0605e08bcb9e97b2854f9f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

172c4cadf0605e08bcb9e97b2854f9f6_JaffaCakes118
Size

2.0MB
MD5

172c4cadf0605e08bcb9e97b2854f9f6
SHA1

f6b318b896cc0f9bb1a044b73b7eae62e7fda2af
SHA256

328ddb0075acb3ae0d63ffd291b8eb327d3f3345747fa2fc8a7e8462b4353512
SHA512

5e8ec14009fca61b71a1dbf7ff9d16a726da420943ba25b5c3648b500ae32c8950c8b26e2e7e037b651e9892dc22d23c9f32bf9ab202002b369c16ac5de995c7
SSDEEP

24576:9VAmSB3EXQxO/pO5ohHwjWRzRmjcAzeGvRaxwMeUqu:9lSeXhjvanvBcH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
172c4cadf0605e08bcb9e97b2854f9f6_JaffaCakes118

Files

172c4cadf0605e08bcb9e97b2854f9f6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

298d57bff1587982210190618d7a31bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpQueryInfoW
HttpSendRequestW
InternetSetOptionW

advapi32

RegCloseKey
RegQueryInfoKeyW
OpenSCManagerW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW

kernel32

SetStdHandle
SetFilePointerEx
GlobalFree
LocalFree
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetTickCount
lstrcmpW
lstrlenW
GetModuleHandleW
GetFullPathNameW
CreateFileW
GetACP
WriteConsoleW
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
GetConsoleMode
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
CloseHandle
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess

psapi

GetModuleBaseNameW
GetMappedFileNameW

user32

GetSysColorBrush
SetMenuContextHelpId
GetMonitorInfoW
GetScrollPos
ValidateRect
GetDCEx
SetMenuDefaultItem
DestroyMenu
LoadMenuW
MsgWaitForMultipleObjectsEx
IsClipboardFormatAvailable
GetDialogBaseUnits
GetDlgItemInt
GetDlgItem
BeginDeferWindowPos
GetMessageW
DdeFreeDataHandle
SetPropW

comdlg32

FindTextW

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiEnumDriverInfoW
SetupDiGetActualSectionToInstallW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoList
SetupGetLineCountW
SetupCloseInfFile
CM_Get_Device_ID_ExW
SetupDiOpenDeviceInfoW

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 411KB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ev32g
Size: 699KB - Virtual size: 698KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ti28y
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eddm
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.un7ip
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

298d57bff1587982210190618d7a31bb

Headers

File Characteristics

Imports

wininet

advapi32

kernel32

psapi

user32

comdlg32

setupapi

Sections

.text Size: 92KB - Virtual size: 92KB

.data Size: 411KB - Virtual size: 6.8MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.ev32g Size: 699KB - Virtual size: 698KB

.ti28y Size: 443KB - Virtual size: 442KB

.eddm Size: 123KB - Virtual size: 122KB

.un7ip Size: 225KB - Virtual size: 224KB

.rsrc Size: 100KB - Virtual size: 99KB

.text
Size: 92KB - Virtual size: 92KB

.data
Size: 411KB - Virtual size: 6.8MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.ev32g
Size: 699KB - Virtual size: 698KB

.ti28y
Size: 443KB - Virtual size: 442KB

.eddm
Size: 123KB - Virtual size: 122KB

.un7ip
Size: 225KB - Virtual size: 224KB

.rsrc
Size: 100KB - Virtual size: 99KB