4a76e5e7085ce89eb3faf64e2339e9f8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a76e5e7085ce89eb3faf64e2339e9f8_JaffaCakes118
Size

2.6MB
MD5

4a76e5e7085ce89eb3faf64e2339e9f8
SHA1

6e76e277997a30decfa785c16a072038eca32289
SHA256

01c65b05362ada80c9fd6d98b08a5ecd1d2c79ea1d1884671d4b5cdf081a7b8d
SHA512

586fad02ddbcc562b179893f7193572065418d3ee1bee47d90bf86580f83bd5ebd6e0265ff2fdf33faa0c5af6237f2173d39fe3853a9df2477f41260438a1a1a
SSDEEP

24576:I8r1yUOKf/qbTpbTCzppm6Dv3CAARuHViiu6xBg9i:I8rnqJsid0406

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a76e5e7085ce89eb3faf64e2339e9f8_JaffaCakes118

Files

4a76e5e7085ce89eb3faf64e2339e9f8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d331944bb45a33815504fd63111d31ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
OpenMutexW
CreateFileMappingW
LoadLibraryW
FileTimeToSystemTime
ExpandEnvironmentStringsW
GetDiskFreeSpaceExW
GetThreadLocale
GetConsoleWindow
CloseHandle
HeapDestroy
VirtualAlloc
GetModuleHandleW
GetVersion
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
CreateFileW

advapi32

RegQueryValueExW
RegQueryInfoKeyW
RegEnumValueW
RegSetValueExW

user32

DdeUnaccessData
CreateIcon
DestroyCursor
LoadCursorW
GetShellWindow
FindWindowExW
GetCursorPos
SetScrollRange
TrackPopupMenu
MsgWaitForMultipleObjects
GetInputState
GetClipboardOwner
GetDialogBaseUnits
BringWindowToTop
IsIconic
MoveWindow

setupapi

CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetSelectedDriverW
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupInstallFromInfSectionW
SetupGetIntField
SetupGetStringFieldW
SetupGetFieldCount
SetupFindNextLine
SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 892KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.35otha
Size: 711KB - Virtual size: 710KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oegamc
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.938n
Size: 351KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g7ae
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d331944bb45a33815504fd63111d31ac

Headers

File Characteristics

Imports

kernel32

advapi32

user32

setupapi

Sections

.text Size: 137KB - Virtual size: 137KB

.data Size: 892KB - Virtual size: 7.6MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.35otha Size: 711KB - Virtual size: 710KB

.oegamc Size: 358KB - Virtual size: 358KB

.938n Size: 351KB - Virtual size: 350KB

.g7ae Size: 170KB - Virtual size: 169KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 137KB - Virtual size: 137KB

.data
Size: 892KB - Virtual size: 7.6MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.35otha
Size: 711KB - Virtual size: 710KB

.oegamc
Size: 358KB - Virtual size: 358KB

.938n
Size: 351KB - Virtual size: 350KB

.g7ae
Size: 170KB - Virtual size: 169KB

.rsrc
Size: 4KB - Virtual size: 4KB