604d59bc1f9266631063ca28bb57219c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

604d59bc1f9266631063ca28bb57219c_JaffaCakes118
Size

2.7MB
MD5

604d59bc1f9266631063ca28bb57219c
SHA1

5ff5036a895618edd812aa9790c1b15a3a3c32d2
SHA256

051c8b397a63e842284a68f80c4a72fa52808a317ef7c9a23daa5d87c9b62bfc
SHA512

ace2fd944fe178dca29d7cc76d4ddcfd7ab40548c6bf3b535dd452b6aef50f221a71357b4b37dec6804a7cf3fbb238e7c8b7c4a9aace8718ac50fa20f2d539ef
SSDEEP

24576:mWG4chluLSa39bahBF7AMVaefBkU+krjt6jgk+EGzP1UUiZfn+gKQTq:+Bw+ahK/RfH+laN+J+gKQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
604d59bc1f9266631063ca28bb57219c_JaffaCakes118

Files

604d59bc1f9266631063ca28bb57219c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

82eccee754ab4e25fd6561eb8e426f76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDeferWindowPos
AnimateWindow
CreateDialogParamW
RegisterClipboardFormatW
GetActiveWindow
SetTimer
DrawTextW
GetDC
EnableScrollBar
AdjustWindowRect
GetSysColor
FillRect
CopyRect
MapDialogRect
UpdateLayeredWindow
RegisterClassW
GetDoubleClickTime
ExitWindowsEx

ntdsapi

DsUnBindW

kernel32

CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
RtlUnwind
GlobalLock
VirtualAlloc
HeapFree
GetCurrentProcess
ExitProcess
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ReleaseSemaphore
SetHandleCount
GetSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
TlsAlloc
TlsFree
LoadLibraryW
GetModuleHandleW
GetStartupInfoW
DeleteFileW
FindFirstFileExW
ReadDirectoryChangesW
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
TlsSetValue
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
OutputDebugStringW
GetStringTypeW
HeapAlloc
HeapReAlloc

setupapi

CM_Get_Parent
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_ID_ExW
CM_Get_Device_IDW
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupInstallFromInfSectionW
SetupOpenFileQueue
SetupGetLineCountW
SetupCloseInfFile

advapi32

RegSetValueExW
RegOpenKeyExW

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 785KB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dlhysl
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.40e91
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.grwri
Size: 637KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.atpral
Size: 507KB - Virtual size: 507KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82eccee754ab4e25fd6561eb8e426f76

Headers

File Characteristics

Imports

user32

ntdsapi

kernel32

setupapi

advapi32

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 785KB - Virtual size: 7.4MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.dlhysl Size: 374KB - Virtual size: 373KB

.40e91 Size: 229KB - Virtual size: 228KB

.grwri Size: 637KB - Virtual size: 636KB

.atpral Size: 507KB - Virtual size: 507KB

.rsrc Size: 139KB - Virtual size: 138KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 785KB - Virtual size: 7.4MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.dlhysl
Size: 374KB - Virtual size: 373KB

.40e91
Size: 229KB - Virtual size: 228KB

.grwri
Size: 637KB - Virtual size: 636KB

.atpral
Size: 507KB - Virtual size: 507KB

.rsrc
Size: 139KB - Virtual size: 138KB