90eb58548e528614dcc9d3d9499e07f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

90eb58548e528614dcc9d3d9499e07f0_JaffaCakes118
Size

1018KB
MD5

90eb58548e528614dcc9d3d9499e07f0
SHA1

2aebf485f5a5fc3bc7b43f700e0f6472c2d54a06
SHA256

1873434a3e18d08eaa65b6cb86418065545fec35498ddfd57db206ca340a066d
SHA512

ddd0f58ae013a6efb24dd814d8ad530d16dc0b9dc29fc8bba718ac3d77667edc0f08fce7898ca3fa6722f01c24f28f614bfc50de682bbfb7f667966a5e26cc3a
SSDEEP

24576:kE9OG8f0nKMD9i7jSVdT++Uz/CuFmFtf8jH7dQMH:R/nKMauVZFYBbf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90eb58548e528614dcc9d3d9499e07f0_JaffaCakes118

Files

90eb58548e528614dcc9d3d9499e07f0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

904f20c668869fd59555fca538e40fad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegCloseKey

user32

CreateAcceleratorTableW
CreateMenu
DestroyMenu
GetUpdateRect
SetCursor
FindWindowW
GetLastInputInfo

kernel32

GetProcAddress
GlobalAlloc
GlobalLock
VirtualAlloc
GetCurrentProcessId
ExitProcess
GetCurrentThreadId
GetProcessId
GetLastError
InitializeCriticalSectionAndSpinCount
GetFileSize
WriteFile
SetFilePointer
ClearCommError
MulDiv
FileTimeToSystemTime
CreateEventW
GetFullPathNameW
FindFirstFileW
FindNextFileW
GetSystemDefaultLangID
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

setupapi

SetupDiGetDeviceInstanceIdW
CM_Locate_DevNodeW
CM_Get_Parent_Ex
CM_Get_DevNode_Status
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiSetClassInstallParamsW
SetupOpenInfFileW
SetupCloseInfFile
SetupFindNextLine
SetupGetFieldCount
SetupGetStringFieldW
SetupGetIntField
SetupCloseFileQueue
SetupInstallFromInfSectionW
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoListExW
SetupDiBuildDriverInfoList
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
SetupDiGetClassDevsW
SetupDiGetClassDevsExW
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceInstallParamsW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4t6ogn
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.es3c
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uen3st
Size: 289KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

904f20c668869fd59555fca538e40fad

Headers

File Characteristics

Imports

advapi32

user32

kernel32

setupapi

Sections

.text Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 6.9MB

.idata Size: 3KB - Virtual size: 3KB

.4t6ogn Size: 330KB - Virtual size: 329KB

.es3c Size: 338KB - Virtual size: 338KB

.uen3st Size: 289KB - Virtual size: 291KB

.text
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 6.9MB

.idata
Size: 3KB - Virtual size: 3KB

.4t6ogn
Size: 330KB - Virtual size: 329KB

.es3c
Size: 338KB - Virtual size: 338KB

.uen3st
Size: 289KB - Virtual size: 291KB