61a227fc5542935bc34de7f95da2f25e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

61a227fc5542935bc34de7f95da2f25e_JaffaCakes118
Size

3.8MB
MD5

61a227fc5542935bc34de7f95da2f25e
SHA1

41b9c84e1c13c75daa55495e5b15547aa46b1db9
SHA256

94572bc5c78b995ab5b384f7ed2a5c57f58c380f36c82623f622252167b31cd4
SHA512

ad82abdbb209206b9a23f23bfc1ce0e64620e07dd415e56572950093ae472e4a1208a618eb6122fc77b371b035c6d2b3bf631b30def7a0af4dafd83ddfdce29d
SSDEEP

24576:v5Z9uFlx1CkB3EH9pIToXehUVAP/PMBRv72SdiYAw27U+iXSNF4fTDCyUiz5PyMV:L9uRWH9MtETyQ4Ipir/0VvCWvYY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61a227fc5542935bc34de7f95da2f25e_JaffaCakes118

Files

61a227fc5542935bc34de7f95da2f25e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0dee59f8e8d8570e4491acf2a024ce48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExW
SHGetFileInfoW
SHFileOperationW

kernel32

OutputDebugStringW
UnregisterWaitEx
QueryDepthSList
GetVersion
VirtualAlloc
GetEnvironmentStringsW
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
MulDiv
CreateMailslotW
CreateEventW
FindNextChangeNotification
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineW
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
HeapSize
IsProcessorFeaturePresent
SetLastError
GetCurrentThread
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
GetModuleHandleW
CreateSemaphoreW
IsDebuggerPresent
FreeLibrary
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
LoadLibraryW
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CreateFileW
DuplicateHandle
WaitForSingleObject
GetExitCodeThread
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
CreateThread
ExitThread
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes

user32

BroadcastSystemMessageW
CloseWindowStation
EnumDisplayMonitors
GetTitleBarInfo
GetUpdateRect
GetMenuCheckMarkDimensions

psapi

GetProcessImageFileNameW
GetDeviceDriverBaseNameW
GetMappedFileNameW

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0im09
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dee59f8e8d8570e4491acf2a024ce48

Headers

File Characteristics

Imports

shell32

kernel32

user32

psapi

Sections

.text Size: 243KB - Virtual size: 243KB

.data Size: 42KB - Virtual size: 7.4MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 8KB - Virtual size: 8KB

.0im09 Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 134KB - Virtual size: 133KB

.text
Size: 243KB - Virtual size: 243KB

.data
Size: 42KB - Virtual size: 7.4MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 8KB - Virtual size: 8KB

.0im09
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 134KB - Virtual size: 133KB