9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118
Size

1.6MB
MD5

9d40f12bafe01d59ce8b40949d61fc5d
SHA1

0d9b23aedea796ab65b41bb0e8220aafe0a867ef
SHA256

86092e62852a8c67ed8bebabc963e40ed40b8add74c9b9318b5772621ce6676a
SHA512

fcd7d8c118f1b4ddc8d413b5eedfec530b7e5a6f3a76032eda7e4164a2d3a3a6a02d2b8b6b60eb6b6d33be3412d74d5ee6d2420ce981239bc1e97123f4c5799b
SSDEEP

24576:zIrIXQLYW6gSiCZsuOVo0Wt3UJqmX/YwwXKFM/238eHL2vFoLgKMitFrfyT:LLWKiqsvPdks5w6aeRL5/zyT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118

Files

9d40f12bafe01d59ce8b40949d61fc5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24f5a56f7930fdbf5c611a80392deec2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord1

kernel32

ReadFile
SetFilePointer
CreateFileA
GetTempPathA
GetTempFileNameA
GetModuleFileNameA
CreateProcessA
WritePrivateProfileStringA
WriteFile
GetPrivateProfileIntA
CloseHandle
GetPrivateProfileStringA
GetFileAttributesA
InterlockedDecrement
InterlockedIncrement
DeleteFileA
WaitForSingleObject
RtlUnwind
GetLastError
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapSize
TerminateProcess
lstrlenA
LocalFree
GetCurrentProcess
GetProcAddress
HeapAlloc
HeapReAlloc
RaiseException
ExitProcess
HeapFree
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetVersion

user32

DefWindowProcA
GetDesktopWindow
GetForegroundWindow
GetSystemMetrics
IsWindow
SetTimer
MoveWindow
ShowWindow
KillTimer
LoadBitmapA
BeginPaint
EndPaint
PostQuitMessage
ClientToScreen
CreateWindowExA
SetWindowPos
LoadIconA
LoadCursorA
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
InvalidateRect
UpdateWindow
wsprintfA
GetCursorPos
GetClientRect
SetFocus

gdi32

BitBlt
CreateCompatibleDC
DeleteDC
GetClipBox
SelectObject
PatBlt
DeleteObject
CreateBrushIndirect

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey

ole32

CoInitialize
CoUninitialize
OleRun
CoCreateInstance

oleaut32

SysStringLen
SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24f5a56f7930fdbf5c611a80392deec2

Headers

File Characteristics

Imports

dsound

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 71KB

.rsrc Size: 236KB - Virtual size: 232KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 71KB

.rsrc
Size: 236KB - Virtual size: 232KB