229a07616142a90f6daf8b8322a32ae4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

229a07616142a90f6daf8b8322a32ae4_JaffaCakes118
Size

3.5MB
MD5

229a07616142a90f6daf8b8322a32ae4
SHA1

dea104c5e8c6d98ea3024cd0ed77ff8b876d881c
SHA256

31bbed54938af94789c6b32d45af9d877ad087a59a168d40aa2f8ff207dee97f
SHA512

ebc33a62a965ef9b80ba33caf0c249a6daa6df8b80669aed8d059c143c9ae9b3812b84ab02b6e639539dd89ac4adcbaac04a08320126a9a2369e44116386967a
SSDEEP

98304:2meYDl9EA4/cQUJt3byP6MTwdDGPHbPPX/XwR:2m5cz6t86owdDGTPPX/AR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
229a07616142a90f6daf8b8322a32ae4_JaffaCakes118

Files

229a07616142a90f6daf8b8322a32ae4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5ce42bf5812460411050900a96d5fdfd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerInstallFileA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
VerInstallFileW
GetFileVersionInfoA
VerFindFileW
VerFindFileA
GetFileVersionInfoW

winmm

mixerMessage
mixerGetLineControlsA

comdlg32

PageSetupDlgW
PageSetupDlgA
LoadAlterBitmap
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
CommDlgExtendedError

setupapi

SetupDiOpenDeviceInfoA
SetupDiGetDeviceInfoListDetailW
SetupDiDestroyDeviceInfoList
CM_Locate_DevNode_ExA
CM_Get_DevNode_Registry_PropertyW

kernel32

lstrcmpiW
lstrcmpA
WriteProfileStringW
VerLanguageNameW
VerLanguageNameA
UnregisterWait
SetLastError
SetCommConfig
RequestDeviceWakeup
OpenJobObjectW
HeapAlloc
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetStringTypeW
GetProcAddress
GetPrivateProfileSectionNamesW
GetNamedPipeHandleStateA
GetFileSize
GetDateFormatW
GetComputerNameW
GetCommandLineA
ExitProcess
EnumResourceNamesA
BackupWrite
CancelIo
ChangeTimerQueueTimer
CommConfigDialogW
CopyFileW
CreateFileA
CreateJobObjectW
CreateTimerQueueTimer
DeleteFileA
DeleteTimerQueueTimer
EndUpdateResourceW
EnumResourceLanguagesA

ntdll

DbgPrintReturnControlC
ZwPlugPlayControl
ZwImpersonateClientOfPort
ZwDeleteObjectAuditAlarm
ZwCreateTimer
ZwCreateIoCompletion
RtlpNtSetValueKey
RtlUpperChar
RtlSetUserFlagsHeap
RtlNtStatusToDosError
RtlNormalizeProcessParams
RtlLargeIntegerToChar
CsrClientConnectToServer
NtAlertResumeThread
NtCreateThread
NtPowerInformation
NtRegisterThreadTerminatePort
NtYieldExecution
RtlAppendStringToString
RtlConvertExclusiveToShared
RtlDelete
RtlEqualString
RtlFindMostSignificantBit
RtlFindSetBits
RtlImpersonateSelf
RtlInitializeCriticalSection
RtlInitializeHandleTable
RtlLargeIntegerArithmeticShift

user32

ShowCursor
SendMessageA
PostMessageA
OemToCharW
IsCharUpperA
GetDlgItem
EnableMenuItem
EmptyClipboard
DrawCaption
DialogBoxParamA
CreateIcon
UpdateWindow
CharLowerA
CharToOemA
CharToOemBuffA
CloseWindow
CreateDialogParamA

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 487KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ce42bf5812460411050900a96d5fdfd

Headers

File Characteristics

Imports

version

winmm

comdlg32

setupapi

kernel32

ntdll

user32

Sections

.text Size: 59KB - Virtual size: 59KB

.data Size: 487KB - Virtual size: 1.1MB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 59KB - Virtual size: 59KB

.data
Size: 487KB - Virtual size: 1.1MB

.rsrc
Size: 48KB - Virtual size: 47KB