1b1e12a6460ca981f17786185c0f5bf9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1b1e12a6460ca981f17786185c0f5bf9_JaffaCakes118
Size

117KB
MD5

1b1e12a6460ca981f17786185c0f5bf9
SHA1

c3c9e59ab8d700211455c2071f94c3d858e5074a
SHA256

58aceb7f56d0261e3877b704b51941ee3fee3e2aba1f0967b2143e9b74fe793d
SHA512

a108d1fe13898f451c69ea562aee592cd5432306930ca880dd8cd23100baeaaba8b37d94f849e45f656745c654369f3d15a7d9bdde75b6181495e4f424cb49ce
SSDEEP

3072:wrQlKLHirDytvpxO9SQuUk7nnO8hlxlDPZsG:wElKLiWpcpHk7nO8Pb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b1e12a6460ca981f17786185c0f5bf9_JaffaCakes118

Files

1b1e12a6460ca981f17786185c0f5bf9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30c46c08d5d70e5164de7621f7f8ef8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetConsoleCommandHistoryLengthA
PulseEvent
GetCPInfo
SetSystemTimeAdjustment
OpenJobObjectA
WriteConsoleInputA
GetThreadPriorityBoost
OpenWaitableTimerA
GetFullPathNameA
GetTempPathA
SetUnhandledExceptionFilter
QueryDosDeviceA
RaiseException
VirtualFree
GetStartupInfoA
SetComputerNameA
FlushFileBuffers
GetModuleHandleA
SignalObjectAndWait
GetStartupInfoA
SetErrorMode
SetFileAttributesA
LCMapStringA
SetThreadUILanguage
GetFileType
WriteConsoleA
FillConsoleOutputCharacterA
Sleep
lstrcatA
Toolhelp32ReadProcessMemory
VirtualAlloc
DeleteTimerQueueEx
GetBinaryTypeA
CreateFileMappingA
SetFilePointerEx
GetTimeFormatA
GetLocaleInfoA
GetStartupInfoW
GetVolumeInformationA
GetConsoleWindow
GetCommState
PurgeComm
GetConsoleFontSize
GetExitCodeThread
Module32First
EnumSystemLanguageGroupsA
SetFileShortNameA
GetConsoleAliasesA
UpdateResourceA
IsBadWritePtr
IsBadReadPtr
GetCPInfoExA

user32

RecordShutdownReason
DrawCaptionTempA
RegisterWindowMessageA
BroadcastSystemMessageExA
GetProcessDefaultLayout
CreateAcceleratorTableA
FindWindowA
EnumDesktopWindows
UnhookWindowsHookEx
RegisterRawInputDevices
RegisterClassA
IsCharAlphaNumericA
ActivateKeyboardLayout
LoadMenuIndirectA
RegisterMessagePumpHook
DefMDIChildProcA
IsCharLowerA
GetAsyncKeyState
CascadeWindows
CopyRect
GetScrollPos
GetUpdateRgn
SetPropA
EnableWindow
GetWindowTextA
GetTitleBarInfo
RegisterClipboardFormatA
ClipCursor
BroadcastSystemMessageExA
ShowWindow
IsCharLowerA
GetInputDesktop
CreateMDIWindowA
GetMenuItemID
GetKeyNameTextA
CallMsgFilter
SetLastErrorEx
InvalidateRgn
ActivateKeyboardLayout
MenuWindowProcA
GetMessageExtraInfo
GetWindowInfo
SetRect
SendNotifyMessageA
RegisterLogonProcess
DrawMenuBarTemp
EnumDisplaySettingsExW
GetMenuStringA
UpdateLayeredWindow
SetWindowsHookExA

crypt32

CertCloseStore
CertRemoveEnhancedKeyUsageIdentifier

Exports

Exports

Wadswyst
CreateKriwpldcbpg
OpenXhguinblwcy
EndAqutmca
Qqhglmbrh
IsIlbrapxknby
AddQiphmhn
IsPtuxvry
EndVdhjfdikna
BeginNmchswexh

Sections

.rdata
Size: - Virtual size: 972B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30c46c08d5d70e5164de7621f7f8ef8e

Headers

File Characteristics

Imports

kernel32

user32

crypt32

Exports

Exports

Sections

.rdata Size: - Virtual size: 972B

.text Size: 113KB - Virtual size: 112KB

.rsrc Size: 3KB - Virtual size: 2KB

.rdata
Size: - Virtual size: 972B

.text
Size: 113KB - Virtual size: 112KB

.rsrc
Size: 3KB - Virtual size: 2KB