9bba18f23effae89b5044002f119a1ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9bba18f23effae89b5044002f119a1ca_JaffaCakes118
Size

1.3MB
MD5

9bba18f23effae89b5044002f119a1ca
SHA1

fbab6886524ac7ffca5b0c595509ac554c73d72f
SHA256

b61f7e82338be55ca46de61160ffaae5d95d00ca31a274417c5e1824699d5267
SHA512

b36a5b208a42ff9cc918087842104ef202ec3583d156483b8017cbe59ec3f33db78887147f88aab58bc2cfe0a88d987e0d4c201234f660adc2606ca5364423f2
SSDEEP

24576:arxN3VNVtUVxM50U3rqvXBm8dhaGa5NNV:yxNfUfZU7gnhaGaD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bba18f23effae89b5044002f119a1ca_JaffaCakes118

Files

9bba18f23effae89b5044002f119a1ca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5ec9fd201ea2bd896153c519ffeb687a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
GetACP
WriteFile
IsDebuggerPresent
IsProcessorFeaturePresent
RtlUnwind
OutputDebugStringW
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CreateFileW
GetModuleFileNameA
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetStdHandle
GetProcessHeap
WideCharToMultiByte
GetModuleHandleExW
ExitProcess
DecodePointer
EncodePointer
SetLastError
GetCommandLineA
GetStringTypeW
GetThreadLocale
MultiByteToWideChar
GetOEMCP
IsValidCodePage
DeleteFileW
FindResourceW
LoadLibraryExW
LoadLibraryW
CreateMutexW
GetLocalTime
lstrlenW
GetSystemTime
CloseHandle
SetFilePointer
GetFileSize
LoadResource
WaitForSingleObject
GetLastError
GetCurrentThreadId
HeapFree
HeapAlloc
VirtualAlloc
LocalFree
GetCPInfo
GetProcAddress

crypt32

CryptStringToBinaryW
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CryptProtectData
CryptQueryObject
CertGetNameStringW
CertNameToStrW
CryptExportPublicKeyInfo
CertFindExtension
CertVerifyTimeValidity
CryptHashCertificate
CertGetPublicKeyLength
CertControlStore
CertAddStoreToCollection
CertFreeCTLContext
CertAddCertificateContextToStore
CertSetCertificateContextProperty
CertCreateCertificateContext
CertOpenStore
CryptMsgGetParam
CryptMsgUpdate
CryptMsgClose
CryptFindOIDInfo
CryptDecodeObjectEx
CryptEncodeObject
CryptBinaryToStringW

comctl32

CreateStatusWindowW
ImageList_Write
ImageList_Read
ImageList_DragEnter
ImageList_AddMasked
ImageList_Draw
ImageList_SetOverlayImage
ImageList_SetBkColor
ImageList_SetImageCount
ImageList_Destroy
ord17
DestroyPropertySheetPage
FlatSB_SetScrollPos

user32

SendMessageTimeoutW
RegisterClassW
ShowOwnedPopups
CheckRadioButton
CharLowerW
SetMenu
GetMenuItemCount
GetWindowDC
GetWindowTextLengthW
AdjustWindowRectEx
SetCursorPos
InvertRect
GetParent
FindWindowW
GetWindow
DestroyIcon
LoadStringW

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9ttg
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adsoa
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.a85dmi
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 370KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ec9fd201ea2bd896153c519ffeb687a

Headers

File Characteristics

Imports

kernel32

crypt32

comctl32

user32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 7.2MB

.9ttg Size: 155KB - Virtual size: 155KB

.adsoa Size: 332KB - Virtual size: 332KB

.a85dmi Size: 349KB - Virtual size: 348KB

.rsrc Size: 370KB - Virtual size: 369KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 7.2MB

.9ttg
Size: 155KB - Virtual size: 155KB

.adsoa
Size: 332KB - Virtual size: 332KB

.a85dmi
Size: 349KB - Virtual size: 348KB

.rsrc
Size: 370KB - Virtual size: 369KB