8804dbe40b78f6070ad78b98a859b577_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8804dbe40b78f6070ad78b98a859b577_JaffaCakes118
Size

2.3MB
MD5

8804dbe40b78f6070ad78b98a859b577
SHA1

c073677f4e15ec3c6d181c1cb0f924a055a71597
SHA256

48d59add0c662c6aa40581199c796d543be9aff228afcc9901011b55e6da0565
SHA512

d932b77eba2ffd78547f6415361375ecef3d61dab3750cebb2bd7591fb128abfcb64895bbe0953d62d83dcff1f88d0bc395a677ca6524ca4c049ac4a514f1ae2
SSDEEP

24576:42vzUNGNsvRmptAh2OxWi4+iK4cwWjdC8Ij8nQU4J:42KvgOB3RQxgm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8804dbe40b78f6070ad78b98a859b577_JaffaCakes118

Files

8804dbe40b78f6070ad78b98a859b577_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1d370d3841e115f62388d75efc3f0689

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalFree
VirtualAlloc
ResetWriteWatch
HeapAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
WaitForMultipleObjects
GetFileSizeEx
ReadFile
MulDiv
FormatMessageW
lstrcmpiW
TlsGetValue
OpenWaitableTimerW
GetModuleHandleW
GetStartupInfoW
GetCommandLineW
FindResourceW
FindResourceExW
EnumResourceNamesW
GetSystemDirectoryW
CreateDirectoryW
DeleteFileW
CancelIo
GetCPInfo
MultiByteToWideChar
GetLocaleInfoW
GetConsoleWindow
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
CreateFileW

secur32

QuerySecurityPackageInfoW
GetUserNameExW

user32

InflateRect
FrameRect
GetDC
UpdateWindow
GetParent
CreateMenu
IsCharUpperW
CreateDialogIndirectParamW
CreateDialogParamW
CreateWindowExW
ActivateKeyboardLayout
FindWindowW
InsertMenuW
DrawIconEx
GetWindowRect

mprapi

MprConfigInterfaceTransportGetHandle
MprConfigInterfaceTransportRemove
MprConfigInterfaceDelete
MprConfigTransportGetHandle
MprConfigBufferFree
MprConfigServerConnect

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 596KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fe88
Size: 763KB - Virtual size: 763KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ribg7
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.75dc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.08o7
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d370d3841e115f62388d75efc3f0689

Headers

File Characteristics

Imports

kernel32

secur32

user32

mprapi

Sections

.text Size: 129KB - Virtual size: 129KB

.data Size: 596KB - Virtual size: 7.1MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.fe88 Size: 763KB - Virtual size: 763KB

.ribg7 Size: 186KB - Virtual size: 186KB

.75dc Size: 82KB - Virtual size: 82KB

.08o7 Size: 221KB - Virtual size: 220KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 129KB - Virtual size: 129KB

.data
Size: 596KB - Virtual size: 7.1MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.fe88
Size: 763KB - Virtual size: 763KB

.ribg7
Size: 186KB - Virtual size: 186KB

.75dc
Size: 82KB - Virtual size: 82KB

.08o7
Size: 221KB - Virtual size: 220KB

.rsrc
Size: 363KB - Virtual size: 362KB