86b6ea98aa6cae542f49b25d9b7706c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86b6ea98aa6cae542f49b25d9b7706c2_JaffaCakes118
Size

2.1MB
MD5

86b6ea98aa6cae542f49b25d9b7706c2
SHA1

048320e4ea6afe17a500df0fa6a00145e6b268c6
SHA256

11a21cdde89013810b205f780360ee6997a9077b05cf370944eede24d33564ca
SHA512

7b6b6ee0239b5ba87de2369384f4046434359701e73419940719e95adbaf5ff1003993d62c015db721ff9f40ae27e85ad3fd293475f117109d2b39a61e788821
SSDEEP

24576:0/LaQR04zHRgPOwlJMk/m6DN6G2wAHySLuY6Vfwn8xY:0jty4LG2EMk/mtuAxLV8xY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86b6ea98aa6cae542f49b25d9b7706c2_JaffaCakes118

Files

86b6ea98aa6cae542f49b25d9b7706c2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d08ef46387931f3a533cecc6032a218c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
CreateFileMappingW
FindResourceW
CreateFileW
SetFileAttributesW
GetDefaultCommConfigW
CompareStringW
GetThreadLocale
GetUserDefaultLCID
GetStringTypeW
MapViewOfFile
GetSystemTime
CloseHandle
FlushFileBuffers
SetFilePointerEx
SetStdHandle
InitializeCriticalSection
GetConsoleCP
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapFree
GetConsoleMode
VirtualAlloc
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
WriteConsoleW

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExW

winspool.drv

ConfigurePortW

ntdsapi

DsUnBindW

user32

WinHelpW
CopyIcon
FindWindowExW
FindWindowW
GetSysColorBrush
GetScrollRange
ScrollWindowEx
CreatePopupMenu
DdeAddData
LoadMenuW
GetSystemMetrics
CharUpperW
GetOpenClipboardWindow
GetDlgItem
IsIconic
SendMessageTimeoutW
SendMessageW
TranslateMessage
DdeFreeDataHandle
GetMenu

comdlg32

CommDlgExtendedError
ReplaceTextW

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 322KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a3tti
Size: 679KB - Virtual size: 679KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.11oha1
Size: 633KB - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.w3usp3
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a29cer
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d08ef46387931f3a533cecc6032a218c

Headers

File Characteristics

Imports

kernel32

advapi32

winspool.drv

ntdsapi

user32

comdlg32

Sections

.text Size: 99KB - Virtual size: 99KB

.data Size: 322KB - Virtual size: 7.5MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.a3tti Size: 679KB - Virtual size: 679KB

.11oha1 Size: 633KB - Virtual size: 632KB

.w3usp3 Size: 258KB - Virtual size: 258KB

.a29cer Size: 92KB - Virtual size: 92KB

.rsrc Size: 111KB - Virtual size: 111KB

.text
Size: 99KB - Virtual size: 99KB

.data
Size: 322KB - Virtual size: 7.5MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.a3tti
Size: 679KB - Virtual size: 679KB

.11oha1
Size: 633KB - Virtual size: 632KB

.w3usp3
Size: 258KB - Virtual size: 258KB

.a29cer
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 111KB - Virtual size: 111KB