946b5e9be93e94f5d11f381649f1ef0d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

946b5e9be93e94f5d11f381649f1ef0d_JaffaCakes118
Size

2.0MB
MD5

946b5e9be93e94f5d11f381649f1ef0d
SHA1

e686bc407b83149e32db97855b962bb420b5e3fb
SHA256

b1db7692723309e9a13efd275fdcb4293fd417c9cf39eb312a1ea857e9d0dcbb
SHA512

a5dd5d1e82ac43980993c248593a5f1bd24875f87eed396bbd86b97a7f224f785ecea44965f8f0d510e9e83ad9a96485e4ff04b339cf02de5d763966087b069d
SSDEEP

24576:XRnKIfrSKOu871IVSbmAoluiPBQnDcbOQpYKn/T0SkZk66HQM:XR04859oIiKngOSZ/gSKk6oQM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
946b5e9be93e94f5d11f381649f1ef0d_JaffaCakes118

Files

946b5e9be93e94f5d11f381649f1ef0d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f13333645d0ec9e4cf7468ee69cf017

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetIconInfo
GetClassNameW
FindWindowExW
FindWindowW
SetWindowLongW
GetWindowLongW
FrameRect
MessageBeep
AdjustWindowRectEx
GetClientRect
EnableScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
CreateMenu
SetMenu
IsWindowEnabled
ReleaseCapture
IsCharUpperW
GetDialogBaseUnits
SendDlgItemMessageW
DialogBoxParamW
CreateDialogIndirectParamW
BeginDeferWindowPos
PostMessageW

advapi32

RegDeleteKeyW
RegEnumValueW
RegSetValueExW
RegDeleteValueW

crypt32

CertFreeCRLContext
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertFreeCertificateContext
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertCloseStore
CryptEnumOIDInfo
CryptEncodeObject
CertGetEnhancedKeyUsage
CryptExportPKCS8
CertNameToStrW
CertCreateCertificateContext
CryptBinaryToStringW

kernel32

SetFilePointerEx
SetStdHandle
WriteConsoleW
GetConsoleCP
FlushFileBuffers
CloseHandle
CreateFileW
LoadLibraryExW
RtlUnwind
OutputDebugStringW
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
GetConsoleMode
GetModuleHandleExW
VirtualAlloc
ResetWriteWatch
HeapFree
FreeEnvironmentStringsW
InitializeCriticalSection
WaitForMultipleObjects
GetFileSizeEx
SetEndOfFile
TlsGetValue
OpenWaitableTimerW
GetModuleFileNameW
GetModuleHandleW
GetCommandLineW
ExpandEnvironmentStringsW
FindResourceExW
EnumResourceNamesW
CreateDirectoryW
CancelIo
GetCPInfo
CompareStringW
GetConsoleWindow
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
LeaveCriticalSection
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
EnterCriticalSection

shlwapi

StrCmpNW
StrCmpNIW
StrFormatByteSizeW
PathAppendW
PathFileExistsW
PathFindNextComponentW
PathIsDirectoryW
PathIsRootW
PathParseIconLocationW
PathRemoveBlanksW
SHDeleteEmptyKeyW
SHDeleteKeyW
SHGetValueW
AssocCreate
SHAutoComplete

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 333KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.7rhtl
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.3i84
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1it640
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hrie
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f13333645d0ec9e4cf7468ee69cf017

Headers

File Characteristics

Imports

user32

advapi32

crypt32

kernel32

shlwapi

Sections

.text Size: 105KB - Virtual size: 104KB

.data Size: 333KB - Virtual size: 6.9MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.7rhtl Size: 206KB - Virtual size: 205KB

.3i84 Size: 659KB - Virtual size: 659KB

.1it640 Size: 284KB - Virtual size: 284KB

.hrie Size: 327KB - Virtual size: 326KB

.rsrc Size: 102KB - Virtual size: 102KB

.text
Size: 105KB - Virtual size: 104KB

.data
Size: 333KB - Virtual size: 6.9MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.7rhtl
Size: 206KB - Virtual size: 205KB

.3i84
Size: 659KB - Virtual size: 659KB

.1it640
Size: 284KB - Virtual size: 284KB

.hrie
Size: 327KB - Virtual size: 326KB

.rsrc
Size: 102KB - Virtual size: 102KB