67155601ae3f39e746bb3b8a1793e470_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67155601ae3f39e746bb3b8a1793e470_JaffaCakes118
Size

5.3MB
MD5

67155601ae3f39e746bb3b8a1793e470
SHA1

d49058bc9b58dee20ac8a752c62388abee87dd92
SHA256

c51f0d917f5e4776323d61afff09f57a17910a03ce65e8b8663a5882aa76117b
SHA512

ba148dd0939182d112452be28154b6064e8374705bbb2b59e393173fa176fcfac2be12b3599cfced7d2104cdf7c54219bd2d5bce6a808d83e2acd9d69eef7725
SSDEEP

24576:tb+RS7uaArTmPxVm+Y6JRZa4IGRrausTRyb3U3TB0tBFX6clp5TsUSj4jZ4KfqR5:tb2PmZVdeg8TGAGoGiEI5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67155601ae3f39e746bb3b8a1793e470_JaffaCakes118

Files

67155601ae3f39e746bb3b8a1793e470_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d71b12121bfef31839a3f25e185e9ce9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleFileNameW
lstrlenW
CloseHandle
WaitForMultipleObjects
GetLastError
VirtualAllocEx
LCMapStringW
GlobalFree
WriteConsoleW
SetStdHandle
GetStringTypeW
LoadLibraryW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
HeapFree
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
HeapAlloc
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
IsDebuggerPresent
OutputDebugStringW
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
VirtualAlloc
VirtualFree
VirtualProtect
ReleaseSemaphore
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
HeapReAlloc
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
CreateFileW

crypt32

CryptAcquireCertificatePrivateKey
CryptHashCertificate
CertGetPublicKeyLength
CryptMsgGetParam
CryptEnumOIDInfo
CryptFindOIDInfo
CryptProtectData

oleaut32

VarBstrFromCy
VarR8FromStr
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysFreeString
SysReAllocStringLen

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wwoao
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ig8tth
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d71b12121bfef31839a3f25e185e9ce9

Headers

File Characteristics

Imports

kernel32

crypt32

oleaut32

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 9KB - Virtual size: 6.1MB

.wwoao Size: 4.0MB - Virtual size: 4.0MB

.ig8tth Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 14KB - Virtual size: 16KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 9KB - Virtual size: 6.1MB

.wwoao
Size: 4.0MB - Virtual size: 4.0MB

.ig8tth
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 14KB - Virtual size: 16KB