809ba83c5006a8429ec09cdd860ca695_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

809ba83c5006a8429ec09cdd860ca695_JaffaCakes118
Size

2.2MB
MD5

809ba83c5006a8429ec09cdd860ca695
SHA1

8f71adeb65a3ceef5ac2f2fb0967fa5aad124565
SHA256

05697f9c1431f35966c347a897e47117009ac309a96405aeb9cef95d85a841cf
SHA512

e6051971eb2895347d5b6e0bb26ded2236ae0b902c3d8e6ab6119688b8cd27fe4de9362e2ee6fa1e79a75ee53ac5d431decf4c220bb88ad514a8d17e991f2275
SSDEEP

24576:6mOVx8ty+oSKeQK7yuwaJrqDQdCaIDl/tvUDV3duU:6mWOKy7yzarPmU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
809ba83c5006a8429ec09cdd860ca695_JaffaCakes118

Files

809ba83c5006a8429ec09cdd860ca695_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f5eac3d2a0c8d758ab78c9271f0c3e17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

StartDocPrinterW

kernel32

SetCommTimeouts
GetSystemTime
TlsFree
LoadLibraryW
LoadLibraryExW
GetFullPathNameW
CreateFileW
MapViewOfFileEx
GetACP
GetOEMCP
GetConsoleWindow
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
SetCommMask
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetStdHandle
GetProcessHeap
WideCharToMultiByte
PurgeComm
CloseHandle
WriteFile
VirtualAlloc
GlobalAlloc
WriteConsoleW
HeapFree
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiGetSelectedDriverW
SetupDiSetDeviceRegistryPropertyW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstanceIdW
SetupDiGetActualSectionToInstallW
CM_Get_DevNode_Status
CM_Get_Parent
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiSetClassInstallParamsW
SetupGetFieldCount
SetupOpenFileQueue

mprapi

MprConfigInterfaceGetHandle
MprConfigServerConnect
MprConfigInterfaceTransportEnum

user32

GetMenuState
LoadMenuW
GetSystemMetrics
CopyAcceleratorTableW
CharLowerW
GetDlgCtrlID
GetDlgItemInt
SetDlgItemInt
DestroyMenu
IsWindowVisible
BeginDeferWindowPos
SetWindowPlacement
PostThreadMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
CloseDesktop
ActivateKeyboardLayout
GetSubMenu
DrawTextW
GetForegroundWindow
GetWindowDC
EnableScrollBar
RemovePropW
MessageBoxW
SetRect
GetParent
IsGUIThread
CreateIcon
CopyImage
CopyIcon
WinHelpW
GetMonitorInfoW
DdeInitializeW
IsZoomed

advapi32

RegDeleteKeyW
OpenSCManagerW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegCloseKey

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 558KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.un36n
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.p5ir7
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1flle
Size: 605KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4p7fe
Size: 326KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5eac3d2a0c8d758ab78c9271f0c3e17

Headers

File Characteristics

Imports

winspool.drv

kernel32

setupapi

mprapi

user32

advapi32

Sections

.text Size: 122KB - Virtual size: 121KB

.data Size: 558KB - Virtual size: 7.7MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.un36n Size: 379KB - Virtual size: 379KB

.p5ir7 Size: 152KB - Virtual size: 151KB

.1flle Size: 605KB - Virtual size: 604KB

.4p7fe Size: 326KB - Virtual size: 325KB

.rsrc Size: 122KB - Virtual size: 121KB

.text
Size: 122KB - Virtual size: 121KB

.data
Size: 558KB - Virtual size: 7.7MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.un36n
Size: 379KB - Virtual size: 379KB

.p5ir7
Size: 152KB - Virtual size: 151KB

.1flle
Size: 605KB - Virtual size: 604KB

.4p7fe
Size: 326KB - Virtual size: 325KB

.rsrc
Size: 122KB - Virtual size: 121KB