b253e1b1258705803ae3b17ffa83ff17_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b253e1b1258705803ae3b17ffa83ff17_JaffaCakes118
Size

3.2MB
MD5

b253e1b1258705803ae3b17ffa83ff17
SHA1

0356bdbb539a0a5e3dd61289a2b10e962c72ea8c
SHA256

200a86917ce1649ef77b18bbbc29a01e42bad5dcbdd0c7cf01a980d07bb5b4cb
SHA512

cddcffc14188d7130de589b67e2e4bb0d814ecb5d7bb6ad5532d04958a78762b635ac93106cfda77c5fe00bf39b9a2aa6af42c009d22fe694f7bfca6a9e5a917
SSDEEP

24576:ZEhxqOMg5kVygcuSJLG6tF8+mo5h7ctCwVS:uhxBDeVyZuSQyFtRIa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b253e1b1258705803ae3b17ffa83ff17_JaffaCakes118

Files

b253e1b1258705803ae3b17ffa83ff17_JaffaCakes118
.exe windows:5 windows x86 arch:x86

743fb9fbb7dc2328d707c1d9d25967cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

PropVariantClear
CLSIDFromProgID
CLSIDFromString
StringFromCLSID

kernel32

SetFileShortNameW
GetLocalTime
lstrcmpiW
lstrlenW
TlsAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetStartupInfoW
OutputDebugStringW
FindResourceExW
EnumResourceLanguagesW
GetSystemDirectoryW
FindNextFileW
GetVersionExW
GetThreadLocale
EnumUILanguagesW
GetConsoleWindow
GetConsoleMode
GetFileTime
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
ReleaseSemaphore
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapFree
VirtualAlloc
LocalFree
GlobalFree
CreateFileW
GetVersion
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
GetConsoleCP
GetCPInfo
GetOEMCP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameW
GetACP

user32

GetMessageW
DestroyMenu
RegisterRawInputDevices
AdjustWindowRectEx
GetClientRect
SetWindowRgn
GetUpdateRgn
UpdateWindow
DrawIcon
SendMessageW
GetLastInputInfo
SendDlgItemMessageW
IsDlgButtonChecked
GetDlgItemTextW
SetDlgItemInt
DrawFrameControl

secur32

DeleteSecurityContext
TranslateNameW
InitializeSecurityContextW

crypt32

CryptBinaryToStringW
CertGetNameStringW
CertNameToStrW
CertAddStoreToCollection
CertFreeCertificateContext
CertEnumCertificatesInStore
CryptMsgUpdate
CryptMsgClose
CryptFindOIDInfo
CryptEncodeObject
CertGetCertificateChain

advapi32

OpenSCManagerW
RegEnumKeyExW
RegCloseKey

winspool.drv

AddFormW

setupapi

CM_Get_Parent
CM_Get_Device_ID_ExW
SetupDiGetActualSectionToInstallW
SetupDiSetClassInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiGetSelectedDriverW
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoList
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupOpenFileQueue
SetupGetFieldCount
SetupFindFirstLineW
SetupCloseInfFile

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 785KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.n24oc
Size: 695KB - Virtual size: 694KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4mebt
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aon03
Size: 511KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.n5ss1
Size: 615KB - Virtual size: 614KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

743fb9fbb7dc2328d707c1d9d25967cc

Headers

File Characteristics

Imports

ole32

kernel32

user32

secur32

crypt32

advapi32

winspool.drv

setupapi

Sections

.text Size: 81KB - Virtual size: 81KB

.data Size: 785KB - Virtual size: 7.3MB

.idata Size: 4KB - Virtual size: 4KB

.xdata Size: 1024B - Virtual size: 724B

.n24oc Size: 695KB - Virtual size: 694KB

.4mebt Size: 184KB - Virtual size: 184KB

.aon03 Size: 511KB - Virtual size: 510KB

.n5ss1 Size: 615KB - Virtual size: 614KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 81KB - Virtual size: 81KB

.data
Size: 785KB - Virtual size: 7.3MB

.idata
Size: 4KB - Virtual size: 4KB

.xdata
Size: 1024B - Virtual size: 724B

.n24oc
Size: 695KB - Virtual size: 694KB

.4mebt
Size: 184KB - Virtual size: 184KB

.aon03
Size: 511KB - Virtual size: 510KB

.n5ss1
Size: 615KB - Virtual size: 614KB

.rsrc
Size: 363KB - Virtual size: 362KB