319a262b62845b31a6597a2ac5d1a5a9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

319a262b62845b31a6597a2ac5d1a5a9_JaffaCakes118
Size

909KB
MD5

319a262b62845b31a6597a2ac5d1a5a9
SHA1

967f927aa7614fe1ccc1dc4f152654b95d32c78d
SHA256

7345432446472219f27bfe49c07279a4b793be8c08f74fca9cc9841fb1a5146c
SHA512

cbc085970132db0a597b79dbda0167ff5a4db5334bdb40d1b11b39ad2550d0a2fcf6f81275cb99f80ec07864d686fb905f2592100c6c934f63eceeb244c0c94f
SSDEEP

24576:phSIxc0Tt33fZ3NnpP6VIMws++MAfvLcj79WFF5:phS83h3VpP6I8MAG7EFD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
319a262b62845b31a6597a2ac5d1a5a9_JaffaCakes118

Files

319a262b62845b31a6597a2ac5d1a5a9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f23756a80de9df0043fb0d4a7c71935d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetOEMCP
GetACP
IsValidCodePage
HeapFree
LeaveCriticalSection
GetConsoleCP
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetStdHandle
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
GetStringTypeW
WideCharToMultiByte
GetCPInfo
GetVersionExW
DeleteFileW
GetVersion
CloseHandle
SetEndOfFile
EnterCriticalSection
GetLastError
VirtualAlloc
GetProcessHeap
MultiByteToWideChar
GetCommandLineW
SetLastError
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
CreateFileW

user32

GetScrollInfo
GetIconInfo
WindowFromPoint
ClientToScreen
GetCursorPos
SetScrollPos
BeginPaint
ReleaseDC
GetDC
SetForegroundWindow
GetFocus
RegisterClipboardFormatW
PostThreadMessageW
PostMessageW
ExitWindowsEx
GetSysColorBrush

oleaut32

SafeArrayCreate
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetLBound
SysStringLen
SafeArrayGetElement
SafeArrayPutElement
SafeArrayPtrOfIndex
VariantCopy
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData
CreateErrorInfo
GetErrorInfo
SetErrorInfo
RegisterTypeLi
LoadTypeLi
VarNot
VarBstrFromBool
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarI4FromStr
VariantCopyInd

mpr

WNetGetUniversalNameW
WNetGetConnectionW

setupapi

SetupDiCreateDeviceInfoList
SetupDiGetSelectedDriverW
SetupDiGetDeviceInstallParamsW
SetupInstallFromInfSectionW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status
SetupFindFirstLineW
SetupDiSetClassInstallParamsW
SetupCloseInfFile

crypt32

CertGetPublicKeyLength
CertFreeCertificateChain
CertNameToStrW
CryptExportPKCS8
CryptExportPublicKeyInfo
CertFindExtension
CertControlStore
CertAddStoreToCollection
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertCreateCertificateContext
CertOpenStore
CryptMsgClose
CryptDecodeObject
CryptEncodeObject
CryptEncodeObjectEx

psapi

GetMappedFileNameW
GetDeviceDriverFileNameW

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wotir
Size: 812KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f23756a80de9df0043fb0d4a7c71935d

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

mpr

setupapi

crypt32

psapi

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 6.6MB

.wotir Size: 812KB - Virtual size: 813KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 6.6MB

.wotir
Size: 812KB - Virtual size: 813KB