9dea128f48ef9b0431249cb3fca0839b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9dea128f48ef9b0431249cb3fca0839b_JaffaCakes118
Size

2.8MB
MD5

9dea128f48ef9b0431249cb3fca0839b
SHA1

6c3c1885a122c8c846b2d2fef19d6a7105eec010
SHA256

3799906f8ab652434466d926f3c5aa041a58eaa28f9ce830e781cf85345938b7
SHA512

a5e93cbca201212ffd87e5db1701bb91ba2dc71ccc858236656900bf417f9b903351f4e361d5c2534319be4a7c6cb9c4b059b944b682ecebb0e4222b5f75fb32
SSDEEP

24576:/ke60RNb+GYWMvbK7O0QVwny+xLLTzY8xHA7X7:ceNyqainP/TUUyr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9dea128f48ef9b0431249cb3fca0839b_JaffaCakes118

Files

9dea128f48ef9b0431249cb3fca0839b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

012f9e96e80aefed9b75813f593ca8a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegCloseKey

mprapi

MprConfigInterfaceCreate
MprConfigInterfaceGetInfo
MprConfigTransportGetInfo

user32

GetWindowLongW
WindowFromPoint
GetWindowRgn
GetDC
DragDetect
GetMenuState
LoadAcceleratorsW
GetKeyboardType
GetFocus
FindWindowExW
CreateDialogParamW
IsIconic
UpdateLayeredWindow
DestroyWindow
RegisterClassW
SendMessageW
DrawFrameControl
DrawEdge
GetThreadDesktop
CheckMenuRadioItem
DestroyCursor
GetGUIThreadInfo
SetFocus

kernel32

CloseHandle
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetOEMCP
GetVersion
VirtualAlloc
SetFilePointerEx
GetCommTimeouts
FileTimeToLocalFileTime
GetNamedPipeInfo
TlsFree
GetModuleHandleW
FindResourceExW
CreateFileW
FindCloseChangeNotification
MapViewOfFileEx
GetCPInfo
GetConsoleWindow
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
IsDebuggerPresent
IsValidCodePage
GetACP

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 944KB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.3r9u
Size: 421KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0a70
Size: 449KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hyasy
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0ittd
Size: 339KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

012f9e96e80aefed9b75813f593ca8a4

Headers

File Characteristics

Imports

advapi32

mprapi

user32

kernel32

Sections

.text Size: 88KB - Virtual size: 88KB

.data Size: 944KB - Virtual size: 7.9MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.3r9u Size: 421KB - Virtual size: 420KB

.0a70 Size: 449KB - Virtual size: 449KB

.hyasy Size: 294KB - Virtual size: 293KB

.0ittd Size: 339KB - Virtual size: 338KB

.rsrc Size: 365KB - Virtual size: 364KB

.text
Size: 88KB - Virtual size: 88KB

.data
Size: 944KB - Virtual size: 7.9MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.3r9u
Size: 421KB - Virtual size: 420KB

.0a70
Size: 449KB - Virtual size: 449KB

.hyasy
Size: 294KB - Virtual size: 293KB

.0ittd
Size: 339KB - Virtual size: 338KB

.rsrc
Size: 365KB - Virtual size: 364KB