38cdd1129e57d663b09598c19a35136d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38cdd1129e57d663b09598c19a35136d_JaffaCakes118
Size

2.1MB
MD5

38cdd1129e57d663b09598c19a35136d
SHA1

5b350db4f701d67b38e178a4a782a0eab8bebacf
SHA256

719433692d23b2fa744a58fea39b8dae42c98a4debcd9702f71615479f8113e1
SHA512

6d60bb278f77d705fa39b66a22565cf9129ba6c01a4f43e76b8273e83909f8f3e232fa2b19850312c4f5788b683bde13eb72b13daf28d3d0407cdbfae4786893
SSDEEP

24576:oqrTAmo6gELcSu/R8gPFYrUM9Hp4kyVaC1/9drVqHr:oqrxo6gEgbagdSzuzainrcL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38cdd1129e57d663b09598c19a35136d_JaffaCakes118

Files

38cdd1129e57d663b09598c19a35136d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

94fb98e8917d708ada69c34e48c165f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

kernel32

LocalAlloc
VirtualAlloc
HeapAlloc
GetLastError
EnterCriticalSection
PulseEvent
LoadResource
SetHandleCount
GetFileSize
SetFileShortNameW
GetLocalTime
FileTimeToSystemTime
SetMailslotInfo
GetModuleHandleW
GetCommandLineW
FindResourceW
GetProfileIntW
GetFullPathNameW
GetFileAttributesW
DeleteFileW
FindNextFileW
GetVersionExW
IsValidCodePage
CompareStringW
GetConsoleWindow
RaiseException
EncodePointer
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsProcessorFeaturePresent
IsDebuggerPresent
GetACP
GetOEMCP
GetCPInfo
LeaveCriticalSection
HeapFree
LoadLibraryExW
RtlUnwind
OutputDebugStringW
GetStringTypeW
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW

user32

SendMessageTimeoutW
UnregisterClassW
SetWindowPos
SetWindowPlacement
EndDeferWindowPos
IsIconic
EndDialog
GetNextDlgTabItem
GetClipboardOwner
RegisterClipboardFormatW
CharUpperW
GetFocus
SetCapture
LockWindowUpdate
GetScrollRange
ScreenToClient
DrawFocusRect
SetRect
CopyRect
FindWindowW
LoadStringW
MapDialogRect

wintrust

WTHelperGetProvCertFromChain
CryptCATAdminEnumCatalogFromHash
CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 752KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.8losdr
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aabpg1
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.n3ns0
Size: 377KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94fb98e8917d708ada69c34e48c165f2

Headers

File Characteristics

Imports

advapi32

kernel32

user32

wintrust

Sections

.text Size: 109KB - Virtual size: 109KB

.data Size: 752KB - Virtual size: 7.8MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.8losdr Size: 248KB - Virtual size: 248KB

.aabpg1 Size: 309KB - Virtual size: 309KB

.n3ns0 Size: 377KB - Virtual size: 376KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 109KB - Virtual size: 109KB

.data
Size: 752KB - Virtual size: 7.8MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.8losdr
Size: 248KB - Virtual size: 248KB

.aabpg1
Size: 309KB - Virtual size: 309KB

.n3ns0
Size: 377KB - Virtual size: 376KB

.rsrc
Size: 363KB - Virtual size: 362KB