9ec3c80cf9e0b1a0a7369ad44f69d5fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9ec3c80cf9e0b1a0a7369ad44f69d5fc_JaffaCakes118
Size

1.2MB
MD5

9ec3c80cf9e0b1a0a7369ad44f69d5fc
SHA1

d31aa61a2760367985de8b05af116200e8aa867b
SHA256

10085259bad459548332eaef4c98cf69d3bc996b8d70ef286f65fd647829369b
SHA512

ac9fc0b1043d719332ec19ced1e078f16c042e5c5460eb877273da58bfca97bace986c141e1314bf57e044be81e374c61faa689e221ddf8c59350efa944d336b
SSDEEP

12288:6iPU1wA1aTJO0hmnjhzRT09YtvZgJWZABbZ9VdQrxcSaJwMKs8uushWbnP7bVfWg:6UrAZVzRTUYtvGw2xZ9cfXsERDbJD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ec3c80cf9e0b1a0a7369ad44f69d5fc_JaffaCakes118

Files

9ec3c80cf9e0b1a0a7369ad44f69d5fc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da7e09301c930015d2774de66a680e74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
GetLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
TlsSetValue
TlsFree
CreateMutexW
OpenFileMappingW
GetModuleFileNameW
GetModuleHandleW
GetStartupInfoW
CloseHandle
GetTempPathW
DeleteFileW
FindFirstFileW
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoW
GetConsoleWindow
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
SetFileTime
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetCurrentThreadId
FreeEnvironmentStringsW
GetCurrentProcessId
GetCurrentProcess
HeapSize
HeapAlloc
VirtualFree
VirtualAlloc
LocalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
GetSystemDirectoryW
RtlUnwind
GetConsoleCP
FlushFileBuffers
LCMapStringW
GetStringTypeW
HeapReAlloc
OutputDebugStringW
GetCommandLineW
IsProcessorFeaturePresent
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStdHandle
GetFileType
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
HeapFree
IsValidCodePage
GetACP
GetOEMCP
IsDebuggerPresent
LoadLibraryExW
CreateFileW

mpr

WNetGetConnectionW
WNetGetUniversalNameW
WNetEnumResourceW

crypt32

CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertGetCertificateChain
CertGetNameStringW
CryptHashPublicKeyInfo
CryptAcquireCertificatePrivateKey
CryptExportPublicKeyInfo
CertAddStoreToCollection
CertFreeCTLContext
CertAddCertificateContextToStore
CertFreeCRLContext
CertGetCertificateContextProperty
CertFreeCertificateContext
CertCloseStore
CertOpenStore
CryptMsgGetParam
CryptMsgOpenToDecode
CryptDecodeObject
CryptBinaryToStringW

user32

GetUpdateRect
EndPaint
SetCursor
DrawIcon
ToAscii
GetPriorityClipboardFormat
DrawEdge
DdeAddData
GetDC

winspool.drv

AddJobW

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 751KB - Virtual size: 750KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da7e09301c930015d2774de66a680e74

Headers

File Characteristics

Imports

kernel32

mpr

crypt32

user32

winspool.drv

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 751KB - Virtual size: 750KB

.data Size: 15KB - Virtual size: 7.2MB

.rsrc Size: 362KB - Virtual size: 361KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 751KB - Virtual size: 750KB

.data
Size: 15KB - Virtual size: 7.2MB

.rsrc
Size: 362KB - Virtual size: 361KB