33a096ce5568793742c44bd62ca897ed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33a096ce5568793742c44bd62ca897ed_JaffaCakes118
Size

1.0MB
MD5

33a096ce5568793742c44bd62ca897ed
SHA1

46372ced0338647dde963323317c0fa5e54d1cc4
SHA256

51eb5cda91a5c0bd7d86474930e6967b8edb939c8144c284dbd463df20439e3d
SHA512

bcfba13cb13bb6a0293fee6d3e5c6dd4c445a89bd91c5ac98e6ad8ea92fdd6d0c7e66c26244ba0aba5ef827aeef8c63f90926117c0169a74b07d0d00e5134bd6
SSDEEP

24576:JrOkWbhd2LO6zu1P5pjPnp9O/Vv40vKjGwCzmRtXQ:Jyk961hpjPe/+0SSwCzCJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33a096ce5568793742c44bd62ca897ed_JaffaCakes118

Files

33a096ce5568793742c44bd62ca897ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

40f34d6917f93c9437cad2faab34cfd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
HeapSize
HeapAlloc
SetStdHandle
SetFilePointerEx
WriteConsoleW
GetStringTypeW
GetUserDefaultLCID
MultiByteToWideChar
CreateProcessW
LoadLibraryW
lstrlenW
FileTimeToSystemTime
GetSystemTimeAsFileTime
CloseHandle
SetEndOfFile
InitializeCriticalSectionAndSpinCount
GetLastError
GetCurrentThreadId
GetCurrentProcess
HeapReAlloc
VirtualAlloc
LocalFree
GetCommandLineA
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
OutputDebugStringW
CreateFileW

secur32

GetUserNameExW
TranslateNameW
InitializeSecurityContextW
FreeContextBuffer

crypt32

CertVerifyCertificateChainPolicy
CertFreeCRLContext
CertFreeCTLContext
CertControlStore
CryptHashCertificate
CertNameToStrW
CryptProtectData
CertGetCertificateChain
CertFreeCertificateChain

ole32

ReleaseStgMedium

userenv

EnterCriticalPolicySection
GetUserProfileDirectoryW
RegisterGPNotification
ExpandEnvironmentStringsForUserW

wintrust

CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext

comctl32

FlatSB_SetScrollInfo
FlatSB_GetScrollPos
ImageList_GetImageInfo
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_LoadImageW
ImageList_Remove
ImageList_Draw
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControlsEx
DestroyPropertySheetPage

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ar9ew
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.5d67
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0uw6
Size: 512KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40f34d6917f93c9437cad2faab34cfd6

Headers

File Characteristics

Imports

kernel32

secur32

crypt32

ole32

userenv

wintrust

comctl32

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 6.7MB

.ar9ew Size: 339KB - Virtual size: 339KB

.5d67 Size: 89KB - Virtual size: 89KB

.0uw6 Size: 512KB - Virtual size: 511KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 6.7MB

.ar9ew
Size: 339KB - Virtual size: 339KB

.5d67
Size: 89KB - Virtual size: 89KB

.0uw6
Size: 512KB - Virtual size: 511KB

.rsrc
Size: 12KB - Virtual size: 12KB