823534efcdf6f8ba163f34820cb640e2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

823534efcdf6f8ba163f34820cb640e2_JaffaCakes118
Size

2.1MB
MD5

823534efcdf6f8ba163f34820cb640e2
SHA1

7932d5a29828a2b3be4478869799c002119a55b6
SHA256

0bad95cb4107d00c4d219db52760229eb01aa08e36ce9074d09860bdad8c18db
SHA512

5124d30c2db5e0a941f38991e14066b53ab2fdd0dc99735865ed7b2612e0a250c7aa825204be0f53566676933250b2c1dcfb54664d74b8bb88a4ce1a3487f7a8
SSDEEP

24576:jC2BYs1Na7QN1H0szPYK41dUR3b8iDIA534hNLYhOW0B:jC2BhuMrHNU43rUsO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
823534efcdf6f8ba163f34820cb640e2_JaffaCakes118

Files

823534efcdf6f8ba163f34820cb640e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

200f7cc7978b2f52ea173f71c735b226

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
WaitForSingleObject
GetFileSize
FileTimeToLocalFileTime
PeekNamedPipe
OpenMutexW
GetCommandLineW
ExpandEnvironmentStringsW
FindResourceExW
DeleteFileW
MoveFileExW
GetACP
MultiByteToWideChar
GetUserDefaultLCID
GetConsoleWindow
DeleteCriticalSection
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
GetEnvironmentStringsW
VirtualAlloc
GlobalFree
GlobalLock
CloseHandle
RtlUnwind
OutputDebugStringW
LoadLibraryExW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree
CreateFileW

user32

DrawFrameControl
DdeFreeDataHandle
TranslateMDISysAccel
LoadImageW
SetWindowsHookExW
GetWindowThreadProcessId
GetPropW
GetScrollRange
SetWindowRgn
AllowSetForegroundWindow
GetMenuItemCount
CheckMenuItem
GetMenuState
BeginDeferWindowPos
GetWindowPlacement
MoveWindow
PostMessageW

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
OpenSCManagerW

winspool.drv

SetPortW

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1015KB - Virtual size: 8.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a8dyh
Size: 417KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.htstto
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdnl
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

200f7cc7978b2f52ea173f71c735b226

Headers

File Characteristics

Imports

kernel32

user32

advapi32

winspool.drv

Sections

.text Size: 124KB - Virtual size: 123KB

.data Size: 1015KB - Virtual size: 8.2MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.a8dyh Size: 417KB - Virtual size: 416KB

.htstto Size: 376KB - Virtual size: 375KB

.sdnl Size: 154KB - Virtual size: 153KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 124KB - Virtual size: 123KB

.data
Size: 1015KB - Virtual size: 8.2MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.a8dyh
Size: 417KB - Virtual size: 416KB

.htstto
Size: 376KB - Virtual size: 375KB

.sdnl
Size: 154KB - Virtual size: 153KB

.rsrc
Size: 100KB - Virtual size: 100KB