b400389ae5d1c1668a632d924d813fc8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b400389ae5d1c1668a632d924d813fc8_JaffaCakes118
Size

2.0MB
MD5

b400389ae5d1c1668a632d924d813fc8
SHA1

2f0036a2cabccbadb50cd04006d18deb6170ff40
SHA256

aeb69fb1c9a431049eb0f4ce2467f2fd5156659d172177800b00d79dd78a5fa0
SHA512

fa530757419952193fe709c3c1d7ed0615a8fdaf40ddf1ccec588da3b02dfa97b2543cf0cd6805f607bc179319ad39045df5d7d0b38d5294220af1ace3af13df
SSDEEP

24576:BJAnE+C5z7Ovr5E5bKvFYxJx1s6FqDBLggYX:BJAn+BsIbKvFcwCtX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b400389ae5d1c1668a632d924d813fc8_JaffaCakes118

Files

b400389ae5d1c1668a632d924d813fc8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

245cfea4bbe2f064c6515801539811e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeClientTransaction
DdeUninitialize
DdeInitializeW
EnumDisplayMonitors
SystemParametersInfoW
DestroyCursor
LoadBitmapW
GetTopWindow
GetSysColor
ChildWindowFromPoint
CreateCaret
MessageBeep
GetScrollPos
EndPaint
GetDC
SetMenuInfo
GetNextDlgTabItem
UnregisterClassW
UnregisterDeviceNotification
DispatchMessageW

kernel32

CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
GlobalLock
VirtualAlloc
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetSystemTime
GetSystemTimeAsFileTime
lstrcmpW
GetTempPathW
FindFirstFileW
LCMapStringW
GetConsoleWindow
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlUnwind
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree
LoadLibraryExW

setupapi

SetupDiCreateDeviceInfoListExW
SetupDiGetDeviceInfoListDetailW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW
SetupDiBuildDriverInfoList
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
SetupDiGetClassDevsW
SetupDiGetClassDevsExW
SetupDiCallClassInstaller
SetupDiOpenDevRegKey
SetupDiSetDeviceInstallParamsW
SetupDiSetClassInstallParamsW
SetupDiGetActualSectionToInstallW
CM_Get_Device_IDW
CM_Get_Device_ID_ExW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status
CM_Get_Parent
CM_Locate_DevNodeW
SetupOpenInfFileW
SetupCloseInfFile
SetupFindFirstLineW
SetupFindNextLine
SetupGetIntField
SetupCloseFileQueue
SetupInstallFromInfSectionW
SetupDiCreateDeviceInfoList

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 834KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.20o2
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.knley
Size: 255KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s11een
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nto9
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

245cfea4bbe2f064c6515801539811e6

Headers

File Characteristics

Imports

user32

kernel32

setupapi

Sections

.text Size: 93KB - Virtual size: 93KB

.data Size: 834KB - Virtual size: 7.5MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.20o2 Size: 279KB - Virtual size: 279KB

.knley Size: 255KB - Virtual size: 254KB

.s11een Size: 29KB - Virtual size: 29KB

.nto9 Size: 187KB - Virtual size: 187KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 93KB - Virtual size: 93KB

.data
Size: 834KB - Virtual size: 7.5MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.20o2
Size: 279KB - Virtual size: 279KB

.knley
Size: 255KB - Virtual size: 254KB

.s11een
Size: 29KB - Virtual size: 29KB

.nto9
Size: 187KB - Virtual size: 187KB

.rsrc
Size: 362KB - Virtual size: 362KB