3d33ddc73642fefebaea7a8434dc5aec_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3d33ddc73642fefebaea7a8434dc5aec_JaffaCakes118
Size

2.9MB
MD5

3d33ddc73642fefebaea7a8434dc5aec
SHA1

ab8e6196a4da7d54a8b08459d014361fb2599c9f
SHA256

5f185b58ffe229f9e27f3ba706380c2fe76488404c78877025c6d2012698d4e8
SHA512

9566b773f42dfcc5aeac72f938f972179332973aad060f1e68273341c7217ecbcc35a8115f61219a7e1f23c5f278591fd3af8ce0afad5f1a4dd7dc90da88b1c6
SSDEEP

24576:Bm0Uy7ukyLh3U4O2d2kbdoE7Xu5HNvO13ZHjuKktERxT+:BPGp0kbVXvDgAxT+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d33ddc73642fefebaea7a8434dc5aec_JaffaCakes118

Files

3d33ddc73642fefebaea7a8434dc5aec_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d8195336af1383a48df870c1ca0f2b73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowRect
ExitWindowsEx
RegisterClassW
FlashWindow
GetClassNameW
CopyRect
GetProcessWindowStation
ShowScrollBar
LockWindowUpdate
GetWindowRgnBox
DestroyMenu
SetMenu
LoadMenuW
MapVirtualKeyW
CharUpperW
GetPriorityClipboardFormat
GetDlgItemTextW
GetDlgItemInt
MoveWindow

kernel32

LCMapStringW
HeapSize
HeapReAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
GlobalFree
VirtualAlloc
HeapAlloc
FreeEnvironmentStringsW
DeleteCriticalSection
PulseEvent
CloseHandle
lstrcmpiW
FlushFileBuffers
TlsAlloc
GetModuleHandleW
GetDiskFreeSpaceW
FindFirstFileExW
FindCloseChangeNotification
GetThreadLocale
GetConsoleWindow
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
lstrlenW
GetCurrentThreadId
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
CreateFileW
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree

wtsapi32

WTSEnumerateSessionsW

mprapi

MprConfigInterfaceEnum
MprConfigTransportGetInfo
MprConfigGetFriendlyName
MprConfigInterfaceTransportEnum
MprConfigTransportCreate
MprConfigInterfaceGetInfo
MprConfigInterfaceDelete
MprConfigInterfaceCreate

winspool.drv

SetPortW

advapi32

RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryInfoKeyW

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 800KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0da7e
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.61oa
Size: 513KB - Virtual size: 513KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i9oi3
Size: 610KB - Virtual size: 610KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i7n834
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8195336af1383a48df870c1ca0f2b73

Headers

File Characteristics

Imports

user32

kernel32

wtsapi32

mprapi

winspool.drv

advapi32

Sections

.text Size: 94KB - Virtual size: 94KB

.data Size: 800KB - Virtual size: 7.7MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.0da7e Size: 478KB - Virtual size: 477KB

.61oa Size: 513KB - Virtual size: 513KB

.i9oi3 Size: 610KB - Virtual size: 610KB

.i7n834 Size: 77KB - Virtual size: 77KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 94KB - Virtual size: 94KB

.data
Size: 800KB - Virtual size: 7.7MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.0da7e
Size: 478KB - Virtual size: 477KB

.61oa
Size: 513KB - Virtual size: 513KB

.i9oi3
Size: 610KB - Virtual size: 610KB

.i7n834
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 362KB - Virtual size: 362KB