Static task: static1

Behavioral task: behavioral1
Sample: 9b2df21e6a95ed5702f95c9162ededba_JaffaCakes118.exe
Resource: win7-20240419-en

Behavioral task: behavioral2
Sample: 9b2df21e6a95ed5702f95c9162ededba_JaffaCakes118.exe
Resource: win10v2004-20240426-en
General
Target: 9b2df21e6a95ed5702f95c9162ededba_JaffaCakes118
Size: 845KB
MD5: 9b2df21e6a95ed5702f95c9162ededba
SHA1: b09f18ab057de6dbcbf9be4da925cf3b806b2888
SHA256: 2d432c1ff7c7ea31c487516bb2d0c0730279c3568999815b8f68916fc07f232a
SHA512: 50fd210f31dbfd56667fb6a83c89e672886e37065c6ad478d6a9594460d62aeea2b362d7a785559085327362d91b3be07a630d7df72622e4996701caa7ac1feb
SSDEEP: 24576:uLMHDa429apJ6y8DSHeOZgXJu6juQCkMoVn2:YMHOr9aSSkJHjN
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 9b2df21e6a95ed5702f95c9162ededba_JaffaCakes118
Files
9b2df21e6a95ed5702f95c9162ededba_JaffaCakes118.exe windows:5 windows x86 arch:x86
e3829d13af399ff7f5d9d498ea5b2d2b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExpandEnvironmentStringsW
GetTempPathW
FindNextFileW
GetVersionExW
IsValidCodePage
GetOEMCP
GetModuleFileNameW
WideCharToMultiByte
CreateFileMappingW
SystemTimeToFileTime
GetLocalTime
CloseHandle
FindClose
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
ReadFile
WriteFile
GetFileSize
WaitForMultipleObjects
ReleaseSemaphore
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetCurrentThreadId
GetCurrentProcessId
HeapFree
HeapAlloc
HeapDestroy
VirtualAlloc
GlobalUnlock
GetProcAddress
GlobalLock
MultiByteToWideChar
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetACP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
CreateFileW
advapi32
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
wininet
HttpAddRequestHeadersW
InternetCrackUrlW
HttpQueryInfoW
crypt32
CryptExportPublicKeyInfo
CertFindExtension
CertGetPublicKeyLength
CertControlStore
CertAddStoreToCollection
CertFreeCRLContext
CryptAcquireCertificatePrivateKey
CertSetCertificateContextProperty
CertCreateCertificateContext
CryptMsgOpenToDecode
CryptEnumOIDInfo
CryptDecodeObject
CryptDecodeObjectEx
CryptEncodeObject
CryptExportPKCS8
CryptProtectData
CryptBinaryToStringW
CertGetCertificateContextProperty
CertGetCertificateChain
Sections
.text Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 752KB - Virtual size: 8.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ