854ced90bd754e1af811af1ea2096338_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

854ced90bd754e1af811af1ea2096338_JaffaCakes118
Size

2.1MB
MD5

854ced90bd754e1af811af1ea2096338
SHA1

a08f5d9ae4efd185e6aa9ee477e6fde4bed41ec0
SHA256

dc35b8c3dc32dbaa770978edf92877a9b3ee4deae2eda069cbea4e022d45e21b
SHA512

aeac9686bc97bad8d99d9bae8223513eddad429c75a79c1ab9c9fd7b4e2312d5c7db5cf6dcd845349b9b82b3b599af89bfa651c4e44763369931229763a61259
SSDEEP

24576:bzp8iGpXEMiWXpik/2NK6c86aZ7umOwIVYlNNHCw5XIP+ydkfcyQbqg8Km7Bc4zc:g8LO00sCWg8H7Bc4N7ng1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
854ced90bd754e1af811af1ea2096338_JaffaCakes118

Files

854ced90bd754e1af811af1ea2096338_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3cfb1ce666d363766fc6284ee4326bdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryDepthSList
InterlockedFlushSList
UnregisterWaitEx
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
LCMapStringW
CreateFileW
GetCommandLineW
CreateEventW
FileTimeToLocalFileTime
EnterCriticalSection
ExitProcess
InterlockedPushEntrySList
VirtualAlloc
EncodePointer
DecodePointer
RtlUnwind
GetCommandLineA
RaiseException
IsProcessorFeaturePresent
GetLastError
SetLastError
GetCurrentThread
GetCurrentThreadId
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
GetModuleHandleW
CreateSemaphoreW
IsDebuggerPresent
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
FreeLibrary
LoadLibraryExW
OutputDebugStringW
HeapReAlloc
GetStringTypeW
HeapSize
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
DuplicateHandle
WaitForSingleObject
GetExitCodeThread
CreateThread
ExitThread
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
VirtualFree
VirtualProtect
LoadLibraryW

userenv

UnregisterGPNotification
RegisterGPNotification
LeaveCriticalPolicySection
EnterCriticalPolicySection
ExpandEnvironmentStringsForUserW
GetUserProfileDirectoryW
LoadUserProfileW

comctl32

FlatSB_SetScrollInfo
FlatSB_SetScrollPos
CreateStatusWindowW
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_Draw
ImageList_Add
ImageList_Destroy
DestroyPropertySheetPage
FlatSB_SetScrollProp

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.te2m
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cfb1ce666d363766fc6284ee4326bdb

Headers

File Characteristics

Imports

kernel32

userenv

comctl32

Sections

.text Size: 205KB - Virtual size: 205KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 9KB - Virtual size: 9.0MB

.te2m Size: 1.6MB - Virtual size: 1.6MB

.rsrc Size: 197KB - Virtual size: 197KB

.text
Size: 205KB - Virtual size: 205KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 9KB - Virtual size: 9.0MB

.te2m
Size: 1.6MB - Virtual size: 1.6MB

.rsrc
Size: 197KB - Virtual size: 197KB