a2d9c40964280fcd9395a0f40b6d8e7e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a2d9c40964280fcd9395a0f40b6d8e7e_JaffaCakes118
Size

2.3MB
MD5

a2d9c40964280fcd9395a0f40b6d8e7e
SHA1

78f06959131df69900b1dacd0d130b12120e93c3
SHA256

3bed6d98e97f8b66634b21b2b0f4631e1bac07f7302dcbabb4cb30fc5be601c3
SHA512

cfd3d047a1fa91533004473f56b4cf2006e078f3cf49b3c5ec6d129f06167fae2254c27bdaeb90e3df562b219134205bddf10f5ecdc1ea758948b8c6ebd885ed
SSDEEP

24576:9pL3lYmPFPJYc+i3PbqqCBPpA6PxRRFK1Ne:9pL+mtPJh+i3D1CzkNe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2d9c40964280fcd9395a0f40b6d8e7e_JaffaCakes118

Files

a2d9c40964280fcd9395a0f40b6d8e7e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4cf73a0d19dcd130e1e5eeb3333c9f9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
HeapSize
HeapReAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
GetUserDefaultUILanguage
EnumSystemGeoID
GetDefaultCommConfigW
IsBadStringPtrW
CreateFileW
GetDriveTypeW
CreateProcessW
SystemTimeToFileTime
ClearCommError
ReleaseSemaphore
EnterCriticalSection
CreateFiberEx
HeapAlloc
VirtualAlloc
LeaveCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetModuleHandleW
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CloseHandle

user32

DdeAbandonTransaction
DdeConnectList
CopyRect
HideCaret
SetScrollRange
GetScrollPos
LockWindowUpdate
GetDC
UpdateWindow
SetMenuItemInfoW
GetMenuItemInfoW
DeleteMenu
RemoveMenu
GetMenuItemCount
GetClipboardViewer
GetDlgCtrlID
DialogBoxParamW
GetWindowPlacement
SetWindowPos
PostThreadMessageW
GetMessageW
ActivateKeyboardLayout
SetScrollPos

advapi32

RegCloseKey
RegEnumKeyExW
RegQueryValueExW
OpenSCManagerW
RegDeleteValueW

crypt32

CertGetEnhancedKeyUsage
CertFreeCTLContext
CertGetCertificateContextProperty
CertCreateCertificateContext
CertVerifyTimeValidity
CertOpenStore
CryptMsgClose
CryptMsgOpenToDecode
CryptDecodeObjectEx
CryptEncodeObject
CryptExportPublicKeyInfo
CryptAcquireCertificatePrivateKey
CryptExportPKCS8
CertGetNameStringW
CertCloseStore
CryptBinaryToStringW

setupapi

CM_Get_DevNode_Registry_Property_ExW
SetupDiGetClassDevsW
SetupDiGetDriverInfoDetailW
SetupDiEnumDriverInfoW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInfoW
SetupGetLineCountW
SetupCloseInfFile

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 702KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.5eu62r
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.s9wl4
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2lhda
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8e2s0a
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cf73a0d19dcd130e1e5eeb3333c9f9b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

crypt32

setupapi

Sections

.text Size: 97KB - Virtual size: 97KB

.data Size: 702KB - Virtual size: 7.2MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.5eu62r Size: 338KB - Virtual size: 338KB

.s9wl4 Size: 192KB - Virtual size: 191KB

.2lhda Size: 233KB - Virtual size: 232KB

.8e2s0a Size: 364KB - Virtual size: 363KB

.rsrc Size: 371KB - Virtual size: 371KB

.text
Size: 97KB - Virtual size: 97KB

.data
Size: 702KB - Virtual size: 7.2MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.5eu62r
Size: 338KB - Virtual size: 338KB

.s9wl4
Size: 192KB - Virtual size: 191KB

.2lhda
Size: 233KB - Virtual size: 232KB

.8e2s0a
Size: 364KB - Virtual size: 363KB

.rsrc
Size: 371KB - Virtual size: 371KB