3da4a2170fd4aed671de96f5b4823c5d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3da4a2170fd4aed671de96f5b4823c5d_JaffaCakes118
Size

2.9MB
MD5

3da4a2170fd4aed671de96f5b4823c5d
SHA1

a89b1580dcd093290c2dadbb515ac3c20b58dd3d
SHA256

d23d7f563f7089f10534512df6d9f37c11225c96bea872e2ec224dcb6b8293d8
SHA512

70f1ca9f29895f0ae6d4d64016ebb08951e9064dec042ad3be22d778c01552baa9d634b3a3e4fa938b7110c2e5cb5e77fbf0a06e629ca628cf1b8950921ec080
SSDEEP

24576:pwQ52FfkvYZZhdZoIn2i36d544w8Z+ejp+sSkgH90OOA7aKguvw:pwQo8vYZTdqCU3fwd0DA7Ty

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3da4a2170fd4aed671de96f5b4823c5d_JaffaCakes118

Files

3da4a2170fd4aed671de96f5b4823c5d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c71020ffdc16566a59dd0ba41471afda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegEnumValueW
RegSetValueExW
RegCreateKeyExW

psapi

GetDeviceDriverBaseNameW
GetDeviceDriverFileNameW
GetProcessImageFileNameW
GetModuleBaseNameW

user32

InvalidateRect
ExcludeUpdateRgn
EndPaint
DrawTextW
SetMenuItemInfoW
GetMenuItemInfoW
AppendMenuW
DrawMenuBar
GetMenu
SetTimer
CharPrevW
CharNextW
CharUpperW
IsIconic
GetDoubleClickTime
DispatchMessageW
DdeFreeDataHandle
CheckMenuRadioItem
EqualRect
FillRect
MessageBoxW
CheckDlgButton
ShowScrollBar

kernel32

CreateFileW
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetVersion
GlobalLock
LocalAlloc
VirtualAlloc
HeapDestroy
HeapFree
HeapSize
GetEnvironmentStringsW
InitializeCriticalSection
WaitForSingleObject
GetFileType
GetCommConfig
GetCommState
SystemTimeToFileTime
FileTimeToLocalFileTime
DosDateTimeToFileTime
LoadLibraryW
LoadLibraryExW
FindResourceW
FindResourceExW
GetDriveTypeW
GetSystemDirectoryW
GetDiskFreeSpaceW
GetFileAttributesW
DeleteFileW
FindFirstFileW
GetStringTypeW
GetConsoleWindow
LCMapStringW
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
CloseHandle
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetStdHandle
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress

setupapi

SetupCloseInfFile
SetupFindFirstLineW
SetupGetLineCountW
SetupGetFieldCount
SetupGetStringFieldW
SetupGetIntField
SetupOpenFileQueue
SetupInstallFromInfSectionW
SetupDiCreateDeviceInfoListExW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInterfaceDetailW
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
CM_Locate_DevNodeW
CM_Get_Parent_Ex
CM_Get_DevNode_Status
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_ID_ExW
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetClassDevsExW
SetupDiGetClassDevsW

crypt32

CertVerifyCertificateChainPolicy
CryptProtectData
CertGetNameStringW
CertNameToStrW
CryptHashPublicKeyInfo
CryptExportPKCS8
CertVerifyTimeValidity
CertGetPublicKeyLength
CertControlStore
CertFreeCTLContext
CertAddCertificateContextToStore
CertFreeCRLContext
CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CryptMsgClose
CryptMsgOpenToDecode
CryptEnumOIDInfo
CryptFindOIDInfo
CryptEncodeObject

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 794KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.el4md
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e11ob
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.t8h29
Size: 582KB - Virtual size: 582KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.7ewo8n
Size: 543KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c71020ffdc16566a59dd0ba41471afda

Headers

File Characteristics

Imports

advapi32

psapi

user32

kernel32

setupapi

crypt32

Sections

.text Size: 77KB - Virtual size: 76KB

.data Size: 794KB - Virtual size: 7.3MB

.idata Size: 5KB - Virtual size: 4KB

.xdata Size: 1024B - Virtual size: 724B

.el4md Size: 192KB - Virtual size: 191KB

.e11ob Size: 374KB - Virtual size: 373KB

.t8h29 Size: 582KB - Virtual size: 582KB

.7ewo8n Size: 543KB - Virtual size: 542KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 77KB - Virtual size: 76KB

.data
Size: 794KB - Virtual size: 7.3MB

.idata
Size: 5KB - Virtual size: 4KB

.xdata
Size: 1024B - Virtual size: 724B

.el4md
Size: 192KB - Virtual size: 191KB

.e11ob
Size: 374KB - Virtual size: 373KB

.t8h29
Size: 582KB - Virtual size: 582KB

.7ewo8n
Size: 543KB - Virtual size: 542KB

.rsrc
Size: 363KB - Virtual size: 362KB