a1b6dca0e384550ce3d785ca45a03488_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1b6dca0e384550ce3d785ca45a03488_JaffaCakes118
Size

1.6MB
MD5

a1b6dca0e384550ce3d785ca45a03488
SHA1

399c174723f21466adb8c5b1e85e09259c53152c
SHA256

a5b9ee8f50c03b3ddb0387c403ba27bbafbc6110b8b3df9a473e3369fbe2010c
SHA512

20b06f2e8a6925e84638317da1dc681cbcc3fec8bfe5cbeb7784cd7e6feafb0c398d4a639cf2b52d13d15351627a766c0ecf0889696a1b2450f391cb4d2cdc7b
SSDEEP

24576:sc9Ti1V9PnAA+ikem2D8Y98MPvPcYgEZxiCQlpH:ns1VhnAATk+4Y981dEZkp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1b6dca0e384550ce3d785ca45a03488_JaffaCakes118

Files

a1b6dca0e384550ce3d785ca45a03488_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a96db9c32f5e17dbb90751bcf1c29b96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

kernel32

VirtualAlloc
HeapSize
GetEnvironmentStringsW
WaitForSingleObject
GetFileType
GetSystemTimeAsFileTime
GetLocalTime
GetSystemInfo
GetModuleHandleW
FindResourceW
MapViewOfFileEx
GetACP
EnumTimeFormatsW
GetUserGeoID
GetSystemDefaultUILanguage
GetConsoleWindow
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetStdHandle
GetProcessHeap
CreateFileW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress

wintrust

CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
WTHelperGetProvCertFromChain
WinVerifyTrust
CryptCATAdminEnumCatalogFromHash

opengl32

glTexSubImage2D
glBlendFunc
glClear
glClearDepth
glColorMask
glCopyTexSubImage2D
glDepthFunc
glDepthMask
glDisable
glDrawArrays
glDrawElements
glFlush
glGenTextures
glGetError
glGetFloatv
glGetString
glIsEnabled
glPixelStorei
glReadPixels
glStencilOp
glTexImage2D
glViewport
glBindTexture

user32

BeginDeferWindowPos
CreateDialogParamW
DefWindowProcW
DialogBoxParamW
CheckDlgButton
GetFocus
DestroyAcceleratorTable
GetMenu
GetMenuState
CreatePopupMenu
DestroyMenu
GetMenuItemID
SetMenuDefaultItem
DrawIcon
UpdateWindow
SetActiveWindow
SetForegroundWindow
GetWindowTextW
GetClientRect
AdjustWindowRect
GetWindow
DestroyCursor
LoadIconW
MapDialogRect
SetScrollInfo
IsWindow
CopyIcon

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 513KB - Virtual size: 7.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itnr5r
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hwh02
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.827p81
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.y64i8h
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a96db9c32f5e17dbb90751bcf1c29b96

Headers

File Characteristics

Imports

advapi32

kernel32

wintrust

opengl32

user32

Sections

.text Size: 82KB - Virtual size: 82KB

.data Size: 513KB - Virtual size: 7.0MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.itnr5r Size: 220KB - Virtual size: 219KB

.hwh02 Size: 381KB - Virtual size: 381KB

.827p81 Size: 125KB - Virtual size: 125KB

.y64i8h Size: 302KB - Virtual size: 301KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 82KB - Virtual size: 82KB

.data
Size: 513KB - Virtual size: 7.0MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.itnr5r
Size: 220KB - Virtual size: 219KB

.hwh02
Size: 381KB - Virtual size: 381KB

.827p81
Size: 125KB - Virtual size: 125KB

.y64i8h
Size: 302KB - Virtual size: 301KB

.rsrc
Size: 5KB - Virtual size: 4KB