32de886fac6edf49e4721e3b04f5502b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

32de886fac6edf49e4721e3b04f5502b_JaffaCakes118
Size

2.8MB
MD5

32de886fac6edf49e4721e3b04f5502b
SHA1

3b94df0809bb4e80ff93a0754d77d9384459e1eb
SHA256

ed5834323978244b0e89534659c1e6fc93a2af6623ba0fc685793d871c8df9c2
SHA512

b3919e332dad3c7922af1035fe6f60c3fdefcd6e3891da4428cc57c4b97d60f920f50199a3de9c43e6cfa686652f20fc52a76963b397d7b69d149059154e2c91
SSDEEP

24576:Ghv94c18s9oH5+pUxUmESKR0GqgZUbz9uCkYcqAWgRS9gS:Ghv94ozXpUxUU20GqwUbzwYsR6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32de886fac6edf49e4721e3b04f5502b_JaffaCakes118

Files

32de886fac6edf49e4721e3b04f5502b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9b9a42a398fe39f0388f0ce19a6ade3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
HeapAlloc
GetEnvironmentStringsW
WaitForSingleObject
WaitForMultipleObjects
ReadFile
SetFilePointerEx
ClearCommError
GetCommModemStatus
FileTimeToLocalFileTime
lstrcmpiW
CreateMutexW
CreateFileMappingW
GetModuleFileNameW
GetModuleHandleW
GetStartupInfoW
GetCommandLineW
GetTempPathW
GetFileAttributesW
DeleteFileW
CreateNamedPipeW
LCMapStringW
GetThreadLocale
GetStringTypeW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LocalAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapReAlloc
HeapSize
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleW
CloseHandle
CreateFileW
GlobalFlags
FreeEnvironmentStringsW
GlobalAlloc

advapi32

RegOpenKeyExW
RegSetValueExW

user32

GetMonitorInfoW
SystemParametersInfoW
IsDialogMessageW
LoadCursorW
LoadBitmapW
IsRectEmpty
OffsetRect
DrawFocusRect
GetSysColorBrush
WindowFromPoint
MapWindowPoints
SetWindowRgn
DrawTextW
GetMenuCheckMarkDimensions
DrawMenuBar
LoadMenuW
EnableWindow
GetActiveWindow
SetFocus
CharNextW
CreateDialogParamW
PostMessageW

mprapi

MprConfigTransportCreate
MprConfigTransportDelete
MprConfigBufferFree
MprConfigServerConnect
MprConfigInterfaceDelete
MprConfigInterfaceTransportAdd
MprConfigInterfaceTransportRemove
MprConfigTransportGetHandle

setupapi

SetupDiCallClassInstaller
SetupDiGetClassDevsExW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiOpenDeviceInfoW
SetupDiOpenDevRegKey
SetupDiCreateDeviceInfoList
SetupInstallFromInfSectionW
SetupGetStringFieldW
SetupGetFieldCount
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiGetActualSectionToInstallW
CM_Get_Device_IDW
CM_Get_Device_ID_ExW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Parent
SetupDiCreateDeviceInfoListExW

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 676KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.8t5t
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a1rr3
Size: 607KB - Virtual size: 607KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.05h20s
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.w305n
Size: 627KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b9a42a398fe39f0388f0ce19a6ade3f

Headers

File Characteristics

Imports

kernel32

advapi32

user32

mprapi

setupapi

Sections

.text Size: 89KB - Virtual size: 89KB

.data Size: 676KB - Virtual size: 7.7MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.8t5t Size: 157KB - Virtual size: 157KB

.a1rr3 Size: 607KB - Virtual size: 607KB

.05h20s Size: 351KB - Virtual size: 351KB

.w305n Size: 627KB - Virtual size: 626KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 89KB - Virtual size: 89KB

.data
Size: 676KB - Virtual size: 7.7MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.8t5t
Size: 157KB - Virtual size: 157KB

.a1rr3
Size: 607KB - Virtual size: 607KB

.05h20s
Size: 351KB - Virtual size: 351KB

.w305n
Size: 627KB - Virtual size: 626KB

.rsrc
Size: 363KB - Virtual size: 362KB