1925b7008cbd8321f53f9fb98fe7734f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1925b7008cbd8321f53f9fb98fe7734f_JaffaCakes118
Size

2.4MB
MD5

1925b7008cbd8321f53f9fb98fe7734f
SHA1

f1f78248357d8e3ed56f2a417103ffefb93361bf
SHA256

9284d5792e3532b660269d67a8869c528562ee3f57c815e3a3b65badc1046594
SHA512

348be8c929d1149de37fac2c72bcc1854dafc43b450350d902bc97906523f34178e84aabd5fecea4f2377907cb42e06d5f84994ac76317758cd2cfbc3e48ea02
SSDEEP

49152:P4FvHJQ9lM2oHPzRGeW5jlX9YOGWw/IXGZb5LEH+92E:PYPJQwrH7FSijnPEe92E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1925b7008cbd8321f53f9fb98fe7734f_JaffaCakes118

Files

1925b7008cbd8321f53f9fb98fe7734f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7dfbdfc3ec8eadb25f1c93b8d6886987

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetLastError
GlobalFindAtomW
GetCommTimeouts
GetTempFileNameW
GetDriveTypeW
HeapLock
GetUserDefaultUILanguage
ClearCommError
GetCurrentThread
MulDiv
GetModuleHandleA
GetStdHandle
LoadLibraryExW
SetThreadAffinityMask
ConvertDefaultLocale
CreateWaitableTimerA
LoadLibraryA
SetEvent
GetLocalTime
HeapSize
FileTimeToLocalFileTime
SleepEx
GetStartupInfoW
GetCurrentProcessId
SetUnhandledExceptionFilter
GetNumberFormatA
GetTimeFormatW
VirtualQuery
MoveFileExW
GetThreadContext
GetPriorityClass
IsDBCSLeadByteEx
HeapWalk
EnumResourceNamesW
FindFirstFileW
HeapReAlloc
lstrcmpA
GetCommandLineW
DuplicateHandle
CreateWaitableTimerW
CreateDirectoryA
GlobalMemoryStatusEx
lstrlenW
TransactNamedPipe
SetCurrentDirectoryA
GetVersion
lstrcatA
GetSystemTime
WaitForSingleObject
VirtualLock
GetCommState
GetCPInfo
GetTickCount
FindCloseChangeNotification
WriteProfileSectionA

user32

SetPropW
BringWindowToTop
RemoveMenu
CopyRect
DrawTextExW
InsertMenuW
GetMenuItemCount
LookupIconIdFromDirectory
SetWindowLongA
DefWindowProcW
MapVirtualKeyA
GetWindowContextHelpId
FindWindowExW
DestroyCaret
LoadMenuIndirectA
AttachThreadInput
EnumChildWindows
PeekMessageA
GetUpdateRect
MapVirtualKeyExW
FindWindowW
TabbedTextOutW
GetKBCodePage
DefMDIChildProcW
SwitchToThisWindow
DialogBoxParamA
AppendMenuA
AdjustWindowRect
InsertMenuItemW
LoadAcceleratorsA
ValidateRgn
InvalidateRgn
ChangeMenuW
BeginPaint
SetWindowContextHelpId
ArrangeIconicWindows
GetScrollPos
SetMenuItemBitmaps
MapDialogRect
IsCharAlphaNumericW
IsMenu
GetWindowPlacement
GetScrollInfo
SetSysColors
GetMenuState
SetTimer
LoadStringA
SwapMouseButton
IsDialogMessageW
CreateMenu
OemToCharBuffA
MBToWCSEx
GetSubMenu
TileChildWindows
GetPropA
CreateAcceleratorTableW

gdi32

ExtTextOutA
CreateCompatibleBitmap
OffsetViewportOrgEx
SetWindowExtEx
GetCurrentObject
CreateRoundRectRgn
GetDeviceCaps
DeleteDC
RectVisible
GetCharWidthA
CreateSolidBrush
Polygon
CreateHatchBrush
CreateICW
GetViewportOrgEx
CreateCompatibleDC
SetDIBitsToDevice
SelectClipRgn
DeleteMetaFile
GetTextExtentExPointW
SetBkColor
GetMiterLimit
UnrealizeObject
OffsetRgn
SetTextJustification

dbghelp

SymGetSymFromAddr
SymGetModuleInfoW
SymCleanup
SymSetSearchPath
GetTimestampForLoadedLibrary

crypt32

CryptProtectData
CertFindCertificateInStore
CertCloseStore
CertFreeCertificateContext
CryptHashPublicKeyInfo

msvcrt

srand
rand
memset

shell32

CommandLineToArgvW

Exports

Exports

_SjSc_zdu_zaY@8
_ModifyRegistry@8
_GnT_vwbz_rmfqys@4
_CwJha_rfmq_Vpn_y@4
_SaveRegistry@12

Sections

.code
Size: - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 782B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dfbdfc3ec8eadb25f1c93b8d6886987

Headers

File Characteristics

Imports

kernel32

user32

gdi32

dbghelp

crypt32

msvcrt

shell32

Exports

Exports

Sections

.code Size: - Virtual size: 6.5MB

.text Size: 28KB - Virtual size: 28KB

.idata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 1024B - Virtual size: 782B

.code
Size: - Virtual size: 6.5MB

.text
Size: 28KB - Virtual size: 28KB

.idata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 1024B - Virtual size: 782B