218847575f8df2fb6b1575ae74202f3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

218847575f8df2fb6b1575ae74202f3f_JaffaCakes118
Size

50KB
MD5

218847575f8df2fb6b1575ae74202f3f
SHA1

682994b6a11c0307146c2baa834b3ab43a83d339
SHA256

d5915a7747961e274349cc19f376e97fe83bd00ed27a544827f5153e659fda73
SHA512

a36e13b724bbb17ee1fc5cbf5ed906b59a6485e0cf95b8afd45eddd532e291ee1dadf00830d82ef381724d1150b9064472c5f945ac46e1a1c1522eec8ad78b95
SSDEEP

768:h+NI0CWdv9tH9aCfjXD3ebEmPM2tQ+5exomIJl/x5LWntUF0jr9fKhYer1PmAk:haI09999HkxdSomYl/bPC9f/OPmP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
218847575f8df2fb6b1575ae74202f3f_JaffaCakes118

Files

218847575f8df2fb6b1575ae74202f3f_JaffaCakes118
.exe windows:6 windows x86 arch:x86

a139301a6fe5c0516a4b8a645bb0e045

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

netcfg.pdb

Imports

advapi32

RegOpenKeyW
RegCloseKey

kernel32

FormatMessageW
GetLastError
GetWindowsDirectoryW
GetModuleHandleW
HeapSetInformation
GetConsoleOutputCP
SetConsoleCP
GetOEMCP
HeapFree
HeapAlloc
GetProcessHeap
ExpandEnvironmentStringsW
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

msvcrt

__wgetmainargs
_cexit
_exit
_XcptFilter
_wcsicmp
_amsg_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
malloc
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_except_handler4_common
_controlfp
memcpy_s
memmove_s
_vsnwprintf
_putws
memset
_callnewh
free
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
wcsstr
iswspace
wprintf
_unlock
_wsetlocale
_CxxThrowException
__CxxFrameHandler3
iswprint
wcscpy_s
exit
wcschr
tolower
_initterm

ole32

CoTaskMemFree
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysStringLen
SysAllocStringLen

setupapi

SetupCopyOEMInfW
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jtcrzyi
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a139301a6fe5c0516a4b8a645bb0e045

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

msvcrt

ole32

oleaut32

setupapi

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 9KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 28KB - Virtual size: 29KB

jtcrzyi Size: - Virtual size: 4KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 9KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 28KB - Virtual size: 29KB

jtcrzyi
Size: - Virtual size: 4KB