70081e2f14357c6d0ba6b8a876901a25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70081e2f14357c6d0ba6b8a876901a25_JaffaCakes118
Size

3.0MB
MD5

70081e2f14357c6d0ba6b8a876901a25
SHA1

56cdc4f6afb3af716b90a0a447255c375b1c6fda
SHA256

6536691b05a3b93f437b7dfd2370277b2179ec0a1d592c96a541afa67c7ca738
SHA512

57425cc185f179a02b86129bcfef8760ac542072209182247501392213ccafc56df9ef1da81955d1d2d472054c45679276b2f4a98156b6a1e139c41f3c2c5056
SSDEEP

24576:p4XcYGQ4UniKQKbKBXVoBAecLtBBqjREbbv5dBXS12j:p4XGQtiK+xVoqrnBqjRE/Bdbj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70081e2f14357c6d0ba6b8a876901a25_JaffaCakes118

Files

70081e2f14357c6d0ba6b8a876901a25_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6eae699bcc91fd437e7153ab74afa063

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
GetLogicalProcessorInformation
WideCharToMultiByte
GetUserDefaultUILanguage
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
ExpandEnvironmentStringsW
LCMapStringW
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
GetStartupInfoW
GetProcessVersion
TlsAlloc
lstrcmpW
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
LeaveCriticalSection
OpenThread
EnterCriticalSection
HeapSize
VirtualAlloc
GlobalAlloc
FreeResource
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapFree
CreateFileW

user32

DdeQueryConvInfo
CopyIcon
DestroyIcon
CheckMenuRadioItem
FindWindowExW
InflateRect
GetSysColor
GetCursorPos
GetScrollPos
BeginPaint
SetForegroundWindow
RemoveMenu
DrawMenuBar
MsgWaitForMultipleObjects
GetActiveWindow
SetDlgItemInt
GetDlgItem
MoveWindow
GetClassInfoW
PostThreadMessageW

crypt32

CertFreeCertificateChain
CryptProtectData
CertGetNameStringW
CertAddCertificateContextToStore
CertFreeCRLContext
CertFreeCertificateContext
CertCreateCertificateContext
CertEnumCertificatesInStore
CryptStringToBinaryW

advapi32

RegEnumValueW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 900KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.81mh
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.al49s
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vio5o
Size: 599KB - Virtual size: 599KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.03d99i
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6eae699bcc91fd437e7153ab74afa063

Headers

File Characteristics

Imports

kernel32

user32

crypt32

advapi32

Sections

.text Size: 95KB - Virtual size: 94KB

.data Size: 900KB - Virtual size: 7.2MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.81mh Size: 402KB - Virtual size: 401KB

.al49s Size: 396KB - Virtual size: 395KB

.vio5o Size: 599KB - Virtual size: 599KB

.03d99i Size: 330KB - Virtual size: 329KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 95KB - Virtual size: 94KB

.data
Size: 900KB - Virtual size: 7.2MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.81mh
Size: 402KB - Virtual size: 401KB

.al49s
Size: 396KB - Virtual size: 395KB

.vio5o
Size: 599KB - Virtual size: 599KB

.03d99i
Size: 330KB - Virtual size: 329KB

.rsrc
Size: 362KB - Virtual size: 362KB