30964a1f501e4de9669546276cc9e29e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30964a1f501e4de9669546276cc9e29e_JaffaCakes118
Size

2.5MB
MD5

30964a1f501e4de9669546276cc9e29e
SHA1

80da0ad0f7f1f418318e09d3f108ac93760a6cfe
SHA256

0686a06d7c1e563680e346698fe908ede91fa80e73b4d180063007966587a6f2
SHA512

a3033418ad7f03a2830e638e0a76910386599420ee77cd961b855117690aa64029ea1b414f0becab4784b85067af75783cebe0c155af1beeb2d910fb7a392127
SSDEEP

24576:Hytae/9oQS/WbvkCQbF605NfGXJbd0jwSh5iZsTz:Hytapv/WjkJ605pGXmwVCz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30964a1f501e4de9669546276cc9e29e_JaffaCakes118

Files

30964a1f501e4de9669546276cc9e29e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

39090b3f8cc6510bef7514634493b0b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MonitorFromWindow
SetRect
DestroyCaret
AdjustWindowRect
ScrollWindowEx
CheckMenuItem
GetMenu
KillTimer
MsgWaitForMultipleObjects
GetClassInfoW
DefWindowProcW
AttachThreadInput

kernel32

SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
RtlUnwind
VirtualAlloc
ResetWriteWatch
HeapAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThread
GetLastError
InitializeCriticalSection
SetFilePointerEx
LockFile
GetFileSize
ReadFile
GetCommState
GetSystemTime
GetSystemTimeAsFileTime
GetSystemInfo
FileTimeToSystemTime
DosDateTimeToFileTime
FormatMessageW
TlsAlloc
GetCommandLineW
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetTempPathW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
WriteConsoleW
CloseHandle
SizeofResource
CreateFileW
HeapSize
HeapReAlloc
OutputDebugStringW
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
Sleep
RaiseException
EncodePointer
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount

advapi32

RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

shlwapi

SHCreateStreamOnFileEx
SHCreateStreamOnFileW
SHSetValueW
SHDeleteValueW
SHDeleteEmptyKeyW
UrlUnescapeW
PathRemoveExtensionW
PathRemoveBlanksW
PathRemoveBackslashW
PathIsRelativeW
PathCombineW
PathCanonicalizeW
PathAppendW
SHStrDupW
StrRetToBufW
StrRetToStrW
StrCmpIW
StrTrimW
StrToIntW
StrStrW
StrPBrkW
StrFormatByteSizeW
StrCmpNIW
StrCmpNW
StrChrW
PathFindExtensionW

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 918KB - Virtual size: 8.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.43wnh1
Size: 479KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2048ai
Size: 432KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9shsi
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39090b3f8cc6510bef7514634493b0b4

Headers

File Characteristics

Imports

user32

kernel32

advapi32

shlwapi

Sections

.text Size: 135KB - Virtual size: 134KB

.data Size: 918KB - Virtual size: 8.1MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.43wnh1 Size: 479KB - Virtual size: 479KB

.2048ai Size: 432KB - Virtual size: 432KB

.9shsi Size: 171KB - Virtual size: 171KB

.rsrc Size: 376KB - Virtual size: 375KB

.text
Size: 135KB - Virtual size: 134KB

.data
Size: 918KB - Virtual size: 8.1MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.43wnh1
Size: 479KB - Virtual size: 479KB

.2048ai
Size: 432KB - Virtual size: 432KB

.9shsi
Size: 171KB - Virtual size: 171KB

.rsrc
Size: 376KB - Virtual size: 375KB