a9009a2935ed87db57d544e28a99510b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9009a2935ed87db57d544e28a99510b_JaffaCakes118
Size

2.6MB
MD5

a9009a2935ed87db57d544e28a99510b
SHA1

6c1742cf6e72d828e55144f60b6da9019a774fe4
SHA256

36557f75f5c48f1684514471e2f9aa7b4b912a71a324db3f0d17b8151e7ac566
SHA512

0f6536411148ac8fb3798c551af7f9039b569a80522cade13f3d53d2a6df5d21dd49ba92be2fdd6563eb46bcaa60195b500cc15c3ddaeb9eb0d6e5d5c98c4890
SSDEEP

24576:cIZ7l8GI4hZqJQLgYIiw7Ibh/FwVD20CyV5gZjBTgU:cIZ7l8GAVZiAFRBMj5gU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9009a2935ed87db57d544e28a99510b_JaffaCakes118

Files

a9009a2935ed87db57d544e28a99510b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b0cbdc82198bf05c4936cda719f1a59b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringW
LoadImageW
LoadBitmapW
IntersectRect
RemovePropW
SetScrollRange
SetScrollPos
DeleteMenu
CheckMenuItem
EnableWindow
MsgWaitForMultipleObjects
GetActiveWindow
GetDlgItem
DialogBoxParamW
GetKeyboardLayout
ActivateKeyboardLayout

advapi32

RegCreateKeyExW

kernel32

SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteConsoleW
LCMapStringW
HeapSize
HeapReAlloc
DeleteCriticalSection
FreeResource
GlobalAlloc
VirtualAlloc
HeapDestroy
EnterCriticalSection
SetFileTime
CloseHandle
FileTimeToLocalFileTime
FlushViewOfFile
TlsGetValue
CreateSemaphoreW
GetModuleHandleW
EnumResourceLanguagesW
GetProfileIntW
GetFullPathNameW
AreFileApisANSI
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
CreateFileW
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LeaveCriticalSection
HeapFree
LoadLibraryExW
RtlUnwind
OutputDebugStringW
GetStringTypeW
HeapAlloc

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 832KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.s9i7
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0eawd
Size: 433KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unahhn
Size: 445KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0sn7
Size: 338KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0cbdc82198bf05c4936cda719f1a59b

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Sections

.text Size: 144KB - Virtual size: 144KB

.data Size: 832KB - Virtual size: 7.6MB

.idata Size: 2KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.s9i7 Size: 374KB - Virtual size: 373KB

.0eawd Size: 433KB - Virtual size: 432KB

.unahhn Size: 445KB - Virtual size: 444KB

.0sn7 Size: 338KB - Virtual size: 337KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 144KB - Virtual size: 144KB

.data
Size: 832KB - Virtual size: 7.6MB

.idata
Size: 2KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.s9i7
Size: 374KB - Virtual size: 373KB

.0eawd
Size: 433KB - Virtual size: 432KB

.unahhn
Size: 445KB - Virtual size: 444KB

.0sn7
Size: 338KB - Virtual size: 337KB

.rsrc
Size: 100KB - Virtual size: 100KB