3934aea857f86ace0469c9508f3c2627_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3934aea857f86ace0469c9508f3c2627_JaffaCakes118
Size

2.6MB
MD5

3934aea857f86ace0469c9508f3c2627
SHA1

a8146579eaefe4cf29ce05e5f8dbef6d17c201d7
SHA256

33d388438259331b94e2c4608101603a96741773d93595b10f44e48847f3d1cf
SHA512

45a54ad8e4f9e8a305cc1140cc326d41d9c728406cc9c744bb0a79b50de774c03e886ceac530a6f2d3de0329bad1cde1b0f591e83666348c0f5df2e5d8a7ecfa
SSDEEP

24576:GHTnxzn0sIteMyPV6XrbDNboFRDdOREXqKJxdhatJPbQ9FQSn4XASAL8fxyU1dqS:X5MN67bZof4REdxv8jMQS/IMB/GWT65

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3934aea857f86ace0469c9508f3c2627_JaffaCakes118

Files

3934aea857f86ace0469c9508f3c2627_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e3ce104b974ca013ec92ca031a95782d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessImageFileNameW
GetDeviceDriverFileNameW

kernel32

SwitchToThread
WriteConsoleW
SetStdHandle
GlobalAlloc
GlobalFlags
VirtualAlloc
IsDebuggerPresent
FindClose
GetMailslotInfo
FindResourceExW
DeleteFileW
BuildCommDCBW
CreateJobObjectW
EnumCalendarInfoExW
GetSystemDefaultLangID
GetConsoleWindow
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetStringTypeW
LoadLibraryW
LCMapStringW
EncodePointer
DecodePointer
RtlUnwind
GetCommandLineA
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
GetLastError
CreateThread
ExitThread
LoadLibraryExW
RaiseException
HeapFree
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
CreateFileW
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapAlloc
HeapSize
OutputDebugStringW
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
VirtualFree
VirtualProtect
ReleaseSemaphore
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
HeapReAlloc
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx

wininet

HttpOpenRequestW
InternetOpenW
InternetCrackUrlW
HttpQueryInfoW
InternetConnectW
InternetQueryOptionW

user32

KillTimer

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.466o
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6oonf9
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 723KB - Virtual size: 723KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3ce104b974ca013ec92ca031a95782d

Headers

File Characteristics

Imports

psapi

kernel32

wininet

user32

Sections

.text Size: 198KB - Virtual size: 198KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 9KB - Virtual size: 8.9MB

.466o Size: 372KB - Virtual size: 372KB

.6oonf9 Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 723KB - Virtual size: 723KB

.text
Size: 198KB - Virtual size: 198KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 9KB - Virtual size: 8.9MB

.466o
Size: 372KB - Virtual size: 372KB

.6oonf9
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 723KB - Virtual size: 723KB