8530530113e5a4bb1ebc6bbff0cf9a8d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8530530113e5a4bb1ebc6bbff0cf9a8d_JaffaCakes118
Size

937KB
MD5

8530530113e5a4bb1ebc6bbff0cf9a8d
SHA1

0888e0dcee6c89c855b4a8ba81556b0efaec6b70
SHA256

1a1987dd778f4d7f61a0e308d844d4be12485cd65269eb15de2f542920013e02
SHA512

44963e8fcead8d4e36fca3f1630c3682df7c63a763b5def4e16ed7a206659b9d958ca3c8fb8601b804d1d62a363e5fcd0390658caa605537a4fb859685e4d63b
SSDEEP

12288:LSmemLLyc6UUyBmWB4c99p7pUd26ogfsEF42syHZh1ZiYEh4ZLKqIV7EPOwk9X42:OaLycQ89p7C06pfHF4CHZh1MgL0HH/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8530530113e5a4bb1ebc6bbff0cf9a8d_JaffaCakes118

Files

8530530113e5a4bb1ebc6bbff0cf9a8d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eea259ec99081c36495ad09ea32d0eb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayGetLBound
VarI4FromStr

kernel32

DecodePointer
WriteConsoleW
SetFilePointerEx
LocalAlloc
VirtualAlloc
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcess
GetCurrentThreadId
GetLastError
InitializeCriticalSectionAndSpinCount
CloseHandle
GetCommConfig
GetSystemTime
GetSystemInfo
UnmapViewOfFile
lstrcmpiW
CreateMutexW
CreateEventW
CreateFileMappingW
CreateProcessW
WritePrivateProfileStructW
GetTempPathW
BuildCommDCBAndTimeoutsW
GetCPInfoExW
EnumDateFormatsW
GetConsoleWindow
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCommandLineW
IsProcessorFeaturePresent
SetLastError
EncodePointer
CreateFileW
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection

user32

OffsetRect
ChildWindowFromPoint
GetNextDlgGroupItem
GetDoubleClickTime
GetMessageExtraInfo
DdeClientTransaction
GetLastActivePopup

setupapi

SetupDiSetClassInstallParamsW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsExW
SetupDiGetClassDevsW
SetupDiGetSelectedDriverW
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiGetActualSectionToInstallW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupOpenFileQueue
SetupGetFieldCount
SetupGetLineCountW
SetupFindNextLine
SetupCloseInfFile
CM_Get_Device_IDW
SetupDiGetDeviceInstanceIdW

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 752KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eea259ec99081c36495ad09ea32d0eb5

Headers

File Characteristics

Imports

oleaut32

kernel32

user32

setupapi

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 752KB - Virtual size: 751KB

.data Size: 11KB - Virtual size: 7.2MB

.rsrc Size: 99KB - Virtual size: 98KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 752KB - Virtual size: 751KB

.data
Size: 11KB - Virtual size: 7.2MB

.rsrc
Size: 99KB - Virtual size: 98KB