a01239e4f610af8db4eaf139caa10657_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a01239e4f610af8db4eaf139caa10657_JaffaCakes118
Size

1.7MB
MD5

a01239e4f610af8db4eaf139caa10657
SHA1

e399538913e91b882c80d593ce18c5441f566328
SHA256

0231410816f4dc8dfd2a016d90507bfbe089dd3c3c1890ce744db0da4dcb31c8
SHA512

b0704f16a6d32d303f618921f0c0268e1df8bb334e191ce7ecb406f5ad12a8feb62550334a73109d0c400b54f5da7f49f949723c4cc83505c1983bdfd754fb32
SSDEEP

24576:9ZYMZTAGDPctscaV0yKbxL7D7VjeavMEwkBC:9hZJPzuZbJD7VRvMEweC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a01239e4f610af8db4eaf139caa10657_JaffaCakes118

Files

a01239e4f610af8db4eaf139caa10657_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9c3b64158363af728502134ea75d83f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetFileSize
ReadFile
FindClose
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
CompareFileTime
FlushViewOfFile
lstrcmpiW
TlsAlloc
GetModuleHandleW
GetStartupInfoW
FindResourceExW
CreateFileW
DeleteFileW
CreateNamedPipeW
GetVersionExW
CreateJobObjectW
IsValidCodePage
GetACP
GetUserDefaultLCID
GetConsoleWindow
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapFree
LCMapStringW
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
IsDebuggerPresent
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
HeapDestroy
VirtualAlloc
LocalFree
LocalAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
DeleteCriticalSection
CloseHandle
GetFileType
GetStdHandle
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
ExitProcess
DecodePointer
GetCurrentThreadId
SetLastError
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError

user32

GetWindowTextLengthW
DrawCaption
RegisterClassW
SetWindowPos
DeferWindowPos
MapDialogRect
IsIconic
LoadImageW
DestroyIcon
CreateIcon
LoadCursorW
GetTopWindow
GetParent
SetWindowLongW
GetWindowLongW
InflateRect
CopyRect
GetCursorPos
IsDialogMessageW
ShowScrollBar
EnableMenuItem
DestroyMenu
DrawMenuBar
SetMenu
IsWindowEnabled
EnableWindow
MsgWaitForMultipleObjectsEx
CharUpperW
EndDialog
DialogBoxParamW
CreateDialogParamW

ole32

CoGetMalloc
StringFromCLSID
CLSIDFromProgID
CoTaskMemAlloc
CreateStreamOnHGlobal

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW

setupapi

CM_Get_Parent_Ex
CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiGetClassDevsExW
SetupDiGetClassDevsW
SetupDiGetSelectedDriverW
SetupDiOpenDeviceInterfaceW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoList
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupGetStringFieldW
SetupGetFieldCount
SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetDeviceInstanceIdW

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 590KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ir6uh
Size: 508KB - Virtual size: 507KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wsrt
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r4oolt
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o4r6
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c3b64158363af728502134ea75d83f3

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

setupapi

Sections

.text Size: 102KB - Virtual size: 101KB

.data Size: 590KB - Virtual size: 7.7MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.ir6uh Size: 508KB - Virtual size: 507KB

.wsrt Size: 152KB - Virtual size: 152KB

.r4oolt Size: 37KB - Virtual size: 37KB

.o4r6 Size: 249KB - Virtual size: 249KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 102KB - Virtual size: 101KB

.data
Size: 590KB - Virtual size: 7.7MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.ir6uh
Size: 508KB - Virtual size: 507KB

.wsrt
Size: 152KB - Virtual size: 152KB

.r4oolt
Size: 37KB - Virtual size: 37KB

.o4r6
Size: 249KB - Virtual size: 249KB

.rsrc
Size: 100KB - Virtual size: 100KB