7a89a1d5b92135d459d66f01ca77a9b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7a89a1d5b92135d459d66f01ca77a9b9_JaffaCakes118
Size

948KB
MD5

7a89a1d5b92135d459d66f01ca77a9b9
SHA1

760b9294d7bac8062b4e2eb315170da8bfa239eb
SHA256

5314107747aa5b7ac517c2c49fcb184e000b1d256422b61966a740019dd551ba
SHA512

e507235b89cdd06fc1b850b0cf9bb188c7d2260615d3791c35c95c0bced99d17fd5e1a4606dbf04ea82617efdcbf6f476a8c875499e167840f11af9172652ba3
SSDEEP

24576:QhuGhWAHwDUP7v5qy21cQXmwYWVbEErdzqn5:QcGLwADc+QXmwNbpro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a89a1d5b92135d459d66f01ca77a9b9_JaffaCakes118

Files

7a89a1d5b92135d459d66f01ca77a9b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4ae7ec50d1a79bb43bd2ad54a4748737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetACP
GetVersionExW
FindResourceExW
TlsFree
SystemTimeToFileTime
SetEndOfFile
GetFileSize
LoadResource
ReleaseSemaphore
GetLastError
GetCurrentThreadId
HeapDestroy
VirtualAlloc
GlobalFree
GetProcAddress
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
CreateFileW
IsValidCodePage
HeapFree
LeaveCriticalSection
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleHandleW
EnterCriticalSection

crypt32

CryptMsgUpdate
CryptStringToBinaryW
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CryptProtectData
CryptQueryObject
CertNameToStrW
CryptHashPublicKeyInfo
CryptAcquireCertificatePrivateKey
CertVerifyTimeValidity
CryptHashCertificate
CertGetPublicKeyLength
CertGetEnhancedKeyUsage
CertAddStoreToCollection
CertAddCertificateContextToStore
CertFreeCRLContext
CertFreeCertificateContext
CertCreateCertificateContext
CryptEncodeObjectEx
CryptDecodeObject
CryptFindOIDInfo
CryptMsgClose
CryptMsgGetParam
CertOpenStore
CertCloseStore

setupapi

SetupDiGetDeviceInstallParamsW
SetupGetLineCountW
SetupGetStringFieldW
SetupGetIntField
SetupOpenFileQueue
SetupCloseFileQueue
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInfoListDetailW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW
CM_Get_Parent_Ex
CM_Get_Parent
CM_Get_DevNode_Status
CM_Get_Device_ID_ExW
SetupDiSetClassInstallParamsW
SetupFindFirstLineW
SetupDiOpenDevRegKey
SetupDiGetClassDevsExW
SetupDiGetSelectedDriverW
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList

shell32

DragAcceptFiles
ShellAboutW
SHFileOperationW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHChangeNotify
SHBindToParent
SHPathPrepareForWriteW
SHBrowseForFolderW

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 284KB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r596
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sstbf
Size: 220KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ae7ec50d1a79bb43bd2ad54a4748737

Headers

File Characteristics

Imports

kernel32

crypt32

setupapi

shell32

Sections

.text Size: 81KB - Virtual size: 81KB

.data Size: 284KB - Virtual size: 7.4MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.r596 Size: 257KB - Virtual size: 257KB

.sstbf Size: 220KB - Virtual size: 223KB

.rsrc Size: 99KB - Virtual size: 98KB

.text
Size: 81KB - Virtual size: 81KB

.data
Size: 284KB - Virtual size: 7.4MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.r596
Size: 257KB - Virtual size: 257KB

.sstbf
Size: 220KB - Virtual size: 223KB

.rsrc
Size: 99KB - Virtual size: 98KB