9fe14d3285eb06306ddfbdfeb2220c45_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9fe14d3285eb06306ddfbdfeb2220c45_JaffaCakes118
Size

2.0MB
MD5

9fe14d3285eb06306ddfbdfeb2220c45
SHA1

b761109bc1d202c8da8dec6d40753a6e331b8649
SHA256

9e043a94a15b4db81b35d210b2b91b7c25cc5f2b4c08427e97a9ba6c6c9da93c
SHA512

4bd438f92eff96cc9bd73d2b3e49b9d15490aa93a0d0e26c9c769c234f3a5e2de0f229b7d3fbde3bffaab577fe8ba42221a90fc2e96973a6d6ecd11351556992
SSDEEP

24576:ypF3/NAN8PBXh5d7VDSUxTTRsw4u7U4YiGSzmMZRxxxo+9:QFVxBx5NhS+TNk8GSSSRtn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fe14d3285eb06306ddfbdfeb2220c45_JaffaCakes118

Files

9fe14d3285eb06306ddfbdfeb2220c45_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9fc5652b30b2d6cbc5a780ae8d3b51b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawFrameControl
PeekMessageW
CheckRadioButton
GetKeyboardType
GetMenu
GetSystemMenu
DdeDisconnectList
PackDDElParam
GetScrollInfo
DestroyCursor
PtInRect
SetRectEmpty
MapWindowPoints
ClientToScreen
HideCaret
DestroyCaret
SetCursor
GetScrollRange
ExcludeUpdateRgn
GetUpdateRect
GetDCEx
TrackPopupMenu
GetMenuItemID
CreateMenu
TrackMouseEvent

winspool.drv

AddPrinterConnectionW

advapi32

RegEnumValueW

kernel32

SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteConsoleW
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
HeapSize
CloseHandle
GlobalFree
LocalFree
VirtualAlloc
HeapDestroy
ExitProcess
DeleteCriticalSection
WaitForSingleObject
GetFileType
ReadFile
SetFilePointer
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
FindResourceExW
CreateDirectoryW
CreateFileW
DeleteFileW
ReadDirectoryChangesW
SetDefaultCommConfigW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
GetConsoleWindow
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
GetStdHandle
GetProcessHeap
GetProcAddress
GetModuleHandleExW
DecodePointer
GetCurrentThreadId
SetLastError
GetLastError
EncodePointer
IsProcessorFeaturePresent
RaiseException
GetCommandLineW
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess

ole32

ReleaseStgMedium
CoTaskMemRealloc
CLSIDFromProgID

oleaut32

GetErrorInfo
SetErrorInfo
RegisterTypeLi
LoadTypeLi
VarNeg
VarBoolFromStr
VarBstrFromBool
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VarR8FromStr
VarI4FromStr
VariantChangeTypeEx
VariantChangeType
VariantCopy
VariantClear
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysStringLen
SysAllocStringLen
SysReAllocStringLen

setupapi

CM_Get_Parent_Ex
SetupDiGetActualSectionToInstallW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetClassDevsExW
SetupDiGetDriverInfoDetailW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoList
SetupInstallFromInfSectionW
SetupGetFieldCount

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 943KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ip4e
Size: 710KB - Virtual size: 709KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ttab
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d1ewo
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fc5652b30b2d6cbc5a780ae8d3b51b7

Headers

File Characteristics

Imports

user32

winspool.drv

advapi32

kernel32

ole32

oleaut32

setupapi

Sections

.text Size: 70KB - Virtual size: 70KB

.data Size: 943KB - Virtual size: 7.8MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.ip4e Size: 710KB - Virtual size: 709KB

.ttab Size: 128KB - Virtual size: 127KB

.d1ewo Size: 89KB - Virtual size: 89KB

.rsrc Size: 101KB - Virtual size: 100KB

.text
Size: 70KB - Virtual size: 70KB

.data
Size: 943KB - Virtual size: 7.8MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.ip4e
Size: 710KB - Virtual size: 709KB

.ttab
Size: 128KB - Virtual size: 127KB

.d1ewo
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 101KB - Virtual size: 100KB