43af70508fc95199a1930bae30cd8015_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43af70508fc95199a1930bae30cd8015_JaffaCakes118
Size

1.5MB
MD5

43af70508fc95199a1930bae30cd8015
SHA1

7447f0cf51749f383d090d160e854be8974e0c89
SHA256

d9b0401c00dd0adb4f7e41f29405daad3a079ab263ddb0bd95677b88dc632136
SHA512

2a26f46f781a767f0a525338c0ba2887f65e521e5ca32b278e5c89a7c4ff19e3d465722da2404c4129c4b69761bfb6e26c4d3393ff0cecc1552c71a08e912be3
SSDEEP

12288:0zq+VAm/sqBE0Wi1G9Gj7ac3JC2dc0/olSPXoZXA8KNzyZy9a6PrN1V971eNR2Cp:0fAmUqBE0aaE2XAJmzcy9FzrVp1eSAJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43af70508fc95199a1930bae30cd8015_JaffaCakes118

Files

43af70508fc95199a1930bae30cd8015_JaffaCakes118
.exe windows:5 windows x86 arch:x86

26b6e9fe66a5a96c3a4239bec4640eb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
HeapDestroy
GetBinaryTypeW
GetCurrentThreadId
GetLastError
LeaveCriticalSection
ReleaseSemaphore
ClearCommError
PurgeComm
MulDiv
GetSystemTimeAsFileTime
SystemTimeToFileTime
FileTimeToSystemTime
CreateMutexW
CreateDirectoryW
GetFullPathNameW
FindFirstFileW
IsValidCodePage
GetOEMCP
MultiByteToWideChar
GetThreadLocale
GetSystemDefaultLCID
GetConsoleWindow
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetACP
HeapFree
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetStdHandle
GetProcessHeap
WideCharToMultiByte
GetProcAddress
CreateFileW
GetModuleHandleExW
ExitProcess
DecodePointer
EncodePointer
SetLastError
GetCommandLineW

user32

ReleaseDC
PostThreadMessageW
DdeInitializeW
EnumDisplayMonitors
MapDialogRect
UnregisterClassW
GetWindow
FindWindowExW
IntersectRect
InflateRect
WindowFromPoint
SetCursor
SetPropW
ScrollWindowEx
ValidateRect
LoadImageW
GetDC
SetActiveWindow
GetTabbedTextExtentW
GetMenuItemInfoW
DestroyMenu
GetActiveWindow
GetDlgCtrlID
SendDlgItemMessageW
EndDialog
SetWindowPos
IsChild
CreateWindowExW
GetClassInfoExW

winspool.drv

EndPagePrinter
DeletePortW

setupapi

SetupDiBuildDriverInfoList
SetupFindFirstLineW
SetupGetLineCountW
SetupDiEnumDriverInfoW
SetupDiGetDriverInfoDetailW
SetupDiGetClassDevsExW
SetupDiCallClassInstaller
CM_Locate_DevNodeW
CM_Get_Parent
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupOpenInfFileW

shell32

SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteW
DragQueryFileW
SHBindToParent

oleaut32

VarCyFromStr
VarBstrFromCy
VarBstrFromBool
VarNeg
LoadTypeLi
SetErrorInfo
GetErrorInfo
CreateErrorInfo
VarR8FromStr
VarI4FromStr
VariantChangeTypeEx
VariantCopy
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayRedim
SysStringLen
SysFreeString
SafeArrayUnaccessData

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ib90
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26b6e9fe66a5a96c3a4239bec4640eb8

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

setupapi

shell32

oleaut32

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 6.4MB

.ib90 Size: 1.0MB - Virtual size: 1.0MB

.rsrc Size: 362KB - Virtual size: 361KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 6.4MB

.ib90
Size: 1.0MB - Virtual size: 1.0MB

.rsrc
Size: 362KB - Virtual size: 361KB