787204d1577d1675f42d5357853c0451_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

787204d1577d1675f42d5357853c0451_JaffaCakes118
Size

2.6MB
MD5

787204d1577d1675f42d5357853c0451
SHA1

d00f219ba9bf83b9fa7d6ef607f78ab76153f1c2
SHA256

71e3d8e322e11107367c2789848852379ffb11e10a241e5fe34e48a776eec157
SHA512

5c6fd5b2fcac798badc3c9267b6dff357e0bf2636e7b6606661a2c27b7a264b03dfbe9f69752daefd7182841f180fdb50c18dc922241ad67ff4ffac69d761e1d
SSDEEP

24576:jxVHbFGM+7lPeDBAVvyr3OnBU7fPYfiJVldCXGyb4zB0:H+Pjybzr/JVldC500

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
787204d1577d1675f42d5357853c0451_JaffaCakes118

Files

787204d1577d1675f42d5357853c0451_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f20e935e39f3c4a5f029368c0840df43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
FindFirstFileW
FileTimeToSystemTime
ReadFile
HeapDestroy
GetFileAttributesW
ExitProcess
EnterCriticalSection
GetFullPathNameW
lstrcmpiW
SetEndOfFile
VirtualAlloc
WaitCommEvent
CreateMailslotW
GetModuleHandleW
BeginUpdateResourceW
GetDiskFreeSpaceExW
MoveFileExW
GetUserDefaultLangID
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
GetACP
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
GetCPInfo
GetOEMCP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
CreateProcessW
FreeEnvironmentStringsW
FlushFileBuffers
LocalFree
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
CreateFileW

urlmon

CoInternetParseUrl
RegisterBindStatusCallback

wintrust

CryptCATAdminReleaseContext

opengl32

glIsEnabled
glClearDepth
glFlush
glEnable
glDeleteTextures
glGetError
glStencilOp
glDrawElements
glGetFloatv
glDrawArrays
glTexParameteri
glGenTextures
glCopyTexSubImage2D
glDisable
glTexSubImage2D
glCopyTexImage2D
glTexImage2D
glDepthFunc
glBindTexture
glGetIntegerv
glPixelStorei
glColorMask
glClear
glStencilMask
glReadPixels
glDepthMask
glGetString

advapi32

RegCloseKey
UnregisterTraceGuids
RegOpenKeyExW

user32

PostThreadMessageW
IsClipboardFormatAvailable
DestroyAcceleratorTable
InsertMenuW
GetClassLongW

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 47.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.smn5ik
Size: 562KB - Virtual size: 561KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.16tru5
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.9n4e
Size: 937KB - Virtual size: 937KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f20e935e39f3c4a5f029368c0840df43

Headers

File Characteristics

Imports

kernel32

urlmon

wintrust

opengl32

advapi32

user32

Sections

.text Size: 393KB - Virtual size: 393KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 5KB - Virtual size: 47.7MB

.smn5ik Size: 562KB - Virtual size: 561KB

.16tru5 Size: 373KB - Virtual size: 372KB

.9n4e Size: 937KB - Virtual size: 937KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 393KB - Virtual size: 393KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 47.7MB

.smn5ik
Size: 562KB - Virtual size: 561KB

.16tru5
Size: 373KB - Virtual size: 372KB

.9n4e
Size: 937KB - Virtual size: 937KB

.rsrc
Size: 363KB - Virtual size: 362KB