a4aa9a7982c91f52a93f692f1fed7462_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a4aa9a7982c91f52a93f692f1fed7462_JaffaCakes118
Size

2.3MB
MD5

a4aa9a7982c91f52a93f692f1fed7462
SHA1

992e736ae30919b4b2c458b2ba237bcb9a3f6988
SHA256

f79deb9e313ee6e4423419a30ba245210572061f86223d6a35b9f8abe307c100
SHA512

f847fad1bac6d25a5f91f067b2be5f7f1b00d0d4020015aa1f180778286d29909997466f87f4a5e35ed31d83d1458a576eaf148080d7bc89c2074788ced7bb6f
SSDEEP

24576:NeoaP8WdSGFZQMkgFTYAGdRrRfGrP5EScyX9yE:4d8jGFiPZNKc0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4aa9a7982c91f52a93f692f1fed7462_JaffaCakes118

Files

a4aa9a7982c91f52a93f692f1fed7462_JaffaCakes118
.exe windows:5 windows x86 arch:x86

620491598c50ce49b897e645a5aeccc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateTimerQueue
GetVersionExW
GetStartupInfoW
WideCharToMultiByte
GetConsoleWindow
OpenJobObjectW
CreateFileW
VirtualAlloc
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
WriteFile
CloseHandle

advapi32

RegQueryInfoKeyW

userenv

UnregisterGPNotification
LeaveCriticalPolicySection

winspool.drv

EndPagePrinter

user32

DdeSetUserHandle
GetIconInfo
DrawIconEx
GetClassNameW
FindWindowW
IsRectEmpty
GetWindowRect
GetWindowTextW
ValidateRect
InvalidateRect
GetDC
DeleteMenu
RemoveMenu
AppendMenuW
InsertMenuW
GetSystemMenu
GetMenu
EnableWindow
MsgWaitForMultipleObjectsEx
IsCharAlphaW
GetNextDlgTabItem
CheckDlgButton
SetDlgItemTextW
MoveWindow
CallWindowProcW
GetKeyboardLayoutList
GetWindowContextHelpId

shlwapi

AssocQueryStringW
AssocCreate
SHDeleteKeyW
UrlEscapeW
UrlIsW
PathStripToRootW
PathRemoveBlanksW
PathIsUNCServerW
PathIsUNCW
PathFindNextComponentW
PathFindExtensionW
PathFileExistsW
PathCanonicalizeW
PathAppendW
StrRetToBufW
StrCmpIW
StrCmpW
StrDupW

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 620KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2ri0s
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eo7dh
Size: 477KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d86oo2
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 377KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

620491598c50ce49b897e645a5aeccc0

Headers

File Characteristics

Imports

kernel32

advapi32

userenv

winspool.drv

user32

shlwapi

Sections

.text Size: 127KB - Virtual size: 126KB

.data Size: 620KB - Virtual size: 7.8MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.2ri0s Size: 410KB - Virtual size: 409KB

.eo7dh Size: 477KB - Virtual size: 477KB

.d86oo2 Size: 289KB - Virtual size: 289KB

.rsrc Size: 377KB - Virtual size: 377KB

.text
Size: 127KB - Virtual size: 126KB

.data
Size: 620KB - Virtual size: 7.8MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.2ri0s
Size: 410KB - Virtual size: 409KB

.eo7dh
Size: 477KB - Virtual size: 477KB

.d86oo2
Size: 289KB - Virtual size: 289KB

.rsrc
Size: 377KB - Virtual size: 377KB