b65a2a2cc022a68d29010e9154fe273c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b65a2a2cc022a68d29010e9154fe273c_JaffaCakes118
Size

799KB
MD5

b65a2a2cc022a68d29010e9154fe273c
SHA1

fb723ce52f07ca35bc0b34b2fd5a1b8ad5058508
SHA256

a9231bd7822136de74fe404fa43e0fe6d936a2639348069e56cc82b2beddb45d
SHA512

ff4c7d70b1147a9571e54add253aacf449f955c50f4f988b2691103ce0d14ef352a542f43581779015b6fc33d9b21f84b629a4fa91325c7bd2eeb34a92598db3
SSDEEP

12288:CMRuDsJDVOqowVGwE8jyzRWiytKVrfw1Y33+kE5G+9frm:WIJDdoo91GpKK9ff3ch9Dm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b65a2a2cc022a68d29010e9154fe273c_JaffaCakes118

Files

b65a2a2cc022a68d29010e9154fe273c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8657c3250644712f89ca2601cd1ccf3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
GetFullPathNameA
FreeConsole
GetStringTypeA
GetFileSizeEx
SetFileAttributesA
GetCurrencyFormatA
SetEndOfFile
GetCPInfo
SetThreadPriorityBoost
CreateWaitableTimerA
GetSystemDirectoryA
FindAtomA
Module32First
CreateHardLinkA
CreateWaitableTimerW
OpenJobObjectA
ReleaseSemaphore
FreeUserPhysicalPages
MapUserPhysicalPages
GetLogicalDriveStringsA
GetCPInfoExA
SetCurrentDirectoryA
FindVolumeClose
GetHandleInformation
GetPrivateProfileIntA
GetPrivateProfileStructW
FindResourceW
ReadFile
SetConsoleTextAttribute
FindFirstVolumeW
ChangeTimerQueueTimer
CancelWaitableTimer
ReplaceFileA
GetConsoleWindow
GetVolumePathNameA
DuplicateHandle
GetProfileStringW
GetPrivateProfileStructA
SetCalendarInfoW
GetFileInformationByHandle
SetFileAttributesW
ReadDirectoryChangesW
SetThreadExecutionState
CopyFileExW
GetVersion
DeleteAtom
GetProcessAffinityMask
CreateDirectoryExA
SetThreadAffinityMask
IsSystemResumeAutomatic
GetProfileIntA
GetAtomNameW
GetCalendarInfoW
SwitchToThread
CompareStringA
VirtualAlloc
GetProcessWorkingSetSize
SetThreadContext
FlushInstructionCache
OpenWaitableTimerW
ReplaceFileW
GetStringTypeExW
SetSystemTimeAdjustment
FindResourceExW
GetCurrencyFormatW
GetSystemWindowsDirectoryW
OpenSemaphoreW
LCMapStringW
GetPrivateProfileIntW
CreateJobObjectW
LoadResource
SetThreadLocale
CreateHardLinkW
CreateTimerQueue
CreateDirectoryA
CreateDirectoryW
SetComputerNameExW
SetSystemPowerState
MapViewOfFileEx
DosDateTimeToFileTime
GetModuleFileNameW
FreeEnvironmentStringsW
CreateNamedPipeA
GetLongPathNameW
SetCurrentDirectoryW
SetMailslotInfo
Module32Next
CreateDirectoryExW
GetProfileSectionW
FormatMessageW
WideCharToMultiByte
GetCurrentDirectoryA
MapUserPhysicalPagesScatter
GetConsoleScreenBufferInfo
SetCalendarInfoA
GetNumberFormatW
CreateIoCompletionPort
GetModuleHandleA
GetDateFormatA
GetProcAddress
SetEvent
OpenSemaphoreA
GetSystemDefaultUILanguage
Module32FirstW
GetConsoleCP
GetConsoleAliasA
GetCurrentConsoleFont
GetAtomNameA
CreateEventW
AreFileApisANSI
GetConsoleAliasExesLengthA
FoldStringW
OpenMutexW
GetThreadLocale
DeleteTimerQueueEx
ResetWriteWatch
MoveFileWithProgressA
PeekNamedPipe
OpenEventA
GetProcessVersion
GetNumberOfConsoleInputEvents
GetConsoleAliasesW
GetTempPathA
GetPrivateProfileSectionNamesA
GetDiskFreeSpaceExA
MapViewOfFile
GetTimeFormatW
ReadProcessMemory
ContinueDebugEvent
GetNamedPipeInfo
ResetEvent
GetWindowsDirectoryW
ExpandEnvironmentStringsA
GetCalendarInfoA
GetNumberFormatA
SetComputerNameExA
IsValidCodePage
GetPrivateProfileStringW
GetFileAttributesW
EnumCalendarInfoExA
CancelIo
FoldStringA
GetProfileIntW
GetPrivateProfileSectionA
CreateFileMappingA
GetCommandLineA
HeapSetInformation
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameA
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapFree
Sleep
GetACP
GetOEMCP
RtlUnwind
HeapSize
HeapAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeW
IsProcessorFeaturePresent

advapi32

LookupAccountSidW
GetAclInformation
RegCreateKeyW
OpenProcessToken
LookupAccountNameW
RegDeleteKeyA
GetSidSubAuthority
RegNotifyChangeKeyValue
GetSecurityDescriptorLength
CopySid
RegDeleteValueW
RegQueryValueW
SetEntriesInAclW
CheckTokenMembership
RegSetValueExA
CloseServiceHandle
ReportEventW
OpenSCManagerW
RegEnumValueW
CryptDestroyHash
IsValidSid
RegFlushKey
ChangeServiceConfigW
RegQueryInfoKeyW
RegOpenKeyW
RegCreateKeyExW
DuplicateTokenEx

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 406KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 678KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8657c3250644712f89ca2601cd1ccf3c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 406KB - Virtual size: 405KB

.data Size: 312KB - Virtual size: 678KB

.tls Size: 6KB - Virtual size: 5KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 406KB - Virtual size: 405KB

.data
Size: 312KB - Virtual size: 678KB

.tls
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 10KB - Virtual size: 10KB