758a3a98f4935d876b6f58d9dbd13cfb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

758a3a98f4935d876b6f58d9dbd13cfb_JaffaCakes118
Size

1.5MB
MD5

758a3a98f4935d876b6f58d9dbd13cfb
SHA1

b953f58678a5908a77bc873f5c5e95b1bbb235b1
SHA256

ad179e3e29f5abf5116ae04b364936ca34bff4a0c989b3f5b9ceb3f808b3149b
SHA512

296a95a46ad1bba10d18fc60c4eaf5cce16b002a1682d09283360360fbf66b514cd0ed99058be2835edde4f63378120557c3c219d713152561fe61f65086c05d
SSDEEP

24576:pqga87hTPRwY40DI6HL4hAJbYEFeyziNLxXsfY1d8G:pqg98Yyx4leyzY8fFG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
758a3a98f4935d876b6f58d9dbd13cfb_JaffaCakes118

Files

758a3a98f4935d876b6f58d9dbd13cfb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2a539ae0597c432af77b8f9b7c0ef467

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalLock
VirtualAlloc
HeapSize
GetEnvironmentStringsW
GetCurrentThreadId
GetLastError
LoadResource
WriteFile
SetEndOfFile
CloseHandle
FileTimeToLocalFileTime
lstrcmpiW
lstrlenW
TlsAlloc
TlsSetValue
TlsFree
CreateProcessW
FindResourceExW
GetFullPathNameW
FindFirstFileW
GetCPInfo
MultiByteToWideChar
GetUserDefaultLCID
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetOEMCP
GetACP
IsValidCodePage
HeapFree
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
CreateFileW

setupapi

SetupOpenInfFileW
SetupCloseInfFile
SetupFindNextLine
SetupGetStringFieldW
SetupInstallFromInfSectionW
SetupDiCreateDeviceInfoList
CM_Get_Device_IDW
SetupDiSetClassInstallParamsW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiGetClassDevsExW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW

uxtheme

DrawThemeBackground
DrawThemeText
GetThemePartSize
SetWindowTheme
IsAppThemed
OpenThemeData

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2n47
Size: 585KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a539ae0597c432af77b8f9b7c0ef467

Headers

File Characteristics

Imports

kernel32

setupapi

uxtheme

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 468KB - Virtual size: 467KB

.data Size: 4KB - Virtual size: 6.7MB

.2n47 Size: 585KB - Virtual size: 586KB

.rsrc Size: 362KB - Virtual size: 361KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 468KB - Virtual size: 467KB

.data
Size: 4KB - Virtual size: 6.7MB

.2n47
Size: 585KB - Virtual size: 586KB

.rsrc
Size: 362KB - Virtual size: 361KB