3b6dc29e9bee46dc64a00f4c1c52b8da_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3b6dc29e9bee46dc64a00f4c1c52b8da_JaffaCakes118
Size

2.0MB
MD5

3b6dc29e9bee46dc64a00f4c1c52b8da
SHA1

5667c9c71c0fe2926cefd8cafd34f4f8892cb7e1
SHA256

38edfeec3f4a9c697a35884a8a4bf4e566f2a84a40e2971008daa9f4fb6b3969
SHA512

7fe061bf3bbccf01080af3c622ffcd5be831195bb19c62bbee00ca071656bf83e1e5dbecc85ee2b48085cc5df4beccc87f6709e338b3da7d7b54e14fa7f2db6d
SSDEEP

24576:s6i+L52DiBoHsep2rG2fVWFAhBCbYWyBHyAPM9QPP:s67LgDPMeoBzPkYWyRE9Q3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b6dc29e9bee46dc64a00f4c1c52b8da_JaffaCakes118

Files

3b6dc29e9bee46dc64a00f4c1c52b8da_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d969659cb5b2eec470229fe4835c2919

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Parent
CM_Get_DevNode_Status
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_ID_ExW
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiCallClassInstaller
SetupDiGetClassDevsExW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupInstallFromInfSectionW
SetupGetIntField
SetupGetFieldCount
SetupFindFirstLineW
SetupCloseInfFile

kernel32

IsDebuggerPresent
GetModuleHandleW
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GlobalUnlock
GlobalFree
LocalFree
VirtualAlloc
HeapSize
LeaveCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
LockFile
ReadFile
GetCommConfig
PurgeComm
GetLocalTime
FileTimeToSystemTime
lstrlenW
TlsFree
OpenWaitableTimerW
IsValidCodePage
GetDiskFreeSpaceExW
FindFirstFileW
GetOEMCP
CompareStringW
GetUserDefaultLCID
GetStringTypeW
EnumUILanguagesW
GetConsoleWindow
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
ExitProcess
DecodePointer
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapReAlloc
HeapAlloc
GetCurrentThreadId
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
GetACP
GetCPInfo
GetStartupInfoW
CreateFileW
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
EnterCriticalSection

mprapi

MprConfigInterfaceTransportEnum
MprConfigInterfaceTransportRemove
MprConfigInterfaceEnum
MprConfigInterfaceGetInfo
MprConfigInterfaceCreate
MprConfigTransportGetHandle
MprConfigServerDisconnect

user32

GetScrollBarInfo
DrawIconEx
PtInRect
HideCaret
AdjustWindowRectEx
RedrawWindow
GetDC
DrawTextW
DrawIcon
TrackPopupMenu
GetSubMenu
GetSystemMenu
SetFocus
CharUpperW
GetDlgItemTextW
EndDialog
IsWindow
CallWindowProcW
DrawEdge
CloseDesktop
GetKeyboardLayout
GetUpdateRgn

advapi32

RegEnumValueW
RegCloseKey
RegQueryInfoKeyW

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 757KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.17ni2n
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.3f9he
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1lna05
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.die10
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d969659cb5b2eec470229fe4835c2919

Headers

File Characteristics

Imports

setupapi

kernel32

mprapi

user32

advapi32

Sections

.text Size: 110KB - Virtual size: 110KB

.data Size: 757KB - Virtual size: 7.8MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.17ni2n Size: 365KB - Virtual size: 365KB

.3f9he Size: 161KB - Virtual size: 161KB

.1lna05 Size: 375KB - Virtual size: 374KB

.die10 Size: 130KB - Virtual size: 130KB

.rsrc Size: 99KB - Virtual size: 98KB

.text
Size: 110KB - Virtual size: 110KB

.data
Size: 757KB - Virtual size: 7.8MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.17ni2n
Size: 365KB - Virtual size: 365KB

.3f9he
Size: 161KB - Virtual size: 161KB

.1lna05
Size: 375KB - Virtual size: 374KB

.die10
Size: 130KB - Virtual size: 130KB

.rsrc
Size: 99KB - Virtual size: 98KB