39862e66e3cad9b1493d1432949bc92f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39862e66e3cad9b1493d1432949bc92f_JaffaCakes118
Size

204KB
MD5

39862e66e3cad9b1493d1432949bc92f
SHA1

505058730ff4a2d0b647bbd1cf55777a7c88b948
SHA256

1a8cd64509a1a13e62ee2dfa392a4eef837fd67126725f796a51d0b1b52403ce
SHA512

8156a75ff264879f2a1d66b8fbb2a481454670b1ade469fa3abb853c98e14b21d4b160dc6a77d53e1c55d04bfee669aef29c0a3000e62d5a87932230a3412b04
SSDEEP

6144:+jg80wiD/EeHRJETxNbOF/Gtr8HBSaKCX0d2WgIt5lr:2aTJETxN6FetrTaHX4zp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39862e66e3cad9b1493d1432949bc92f_JaffaCakes118

Files

39862e66e3cad9b1493d1432949bc92f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68339a03b96a0b6d412d26e89e1b1f1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

kernel32

OutputDebugStringA
CreateFiberEx
DeleteCriticalSection
GetComputerNameA
InterlockedExchange
CompareStringA
LocalAlloc
CreateMutexA
CloseHandle
LoadLibraryA
GetTempPathA
GetModuleHandleA
VirtualQuery
GetWindowsDirectoryA
GetThreadPriority
GetSystemDirectoryA
_llseek
GetLastError
GetDevicePowerState
ResetEvent
CreateThread
IsBadWritePtr
DeleteFileA
CreateDirectoryA
LocalFree
DefineDosDeviceA
CreateFileA
IsBadReadPtr
WriteFile
FlushInstructionCache
GetCurrentThreadId
GetACP
SetEvent
GetModuleFileNameA
InitializeCriticalSection
VirtualAlloc
GetFileAttributesA
EnterCriticalSection
GlobalMemoryStatus
GetCurrentThread
InterlockedIncrement
LoadLibraryExA
LeaveCriticalSection
EnumResourceNamesW
GetVersion
lstrlenA
ReadFile
CreateEventA
FreeLibrary
WaitForSingleObject
WaitForMultipleObjects
SetThreadPriority
CreateProcessA
GetLocalTime
CreateSemaphoreA
GetPrivateProfileStringA
FlushFileBuffers
GetDiskFreeSpaceA
GetSystemTime
Sleep
VirtualFree
GetVersionExA
InterlockedDecrement
GetLocaleInfoA
QueryPerformanceCounter
QueryDosDeviceA
GetSystemInfo
SetLastError
DeviceIoControl
GetTickCount
GetCurrentProcessId
ReleaseMutex

gdi32

CreateDIBitmap

user32

GetQueueStatus
PeekMessageA
DispatchMessageA
RealGetWindowClassA
ShowWindow
CreateDialogParamA
ReleaseDC
wsprintfA
RegisterWindowMessageA
GetDesktopWindow
MsgWaitForMultipleObjects
DestroyWindow
PostThreadMessageA
GetDC
wvsprintfA

ole32

StringFromGUID2
BindMoniker
CoTaskMemAlloc
GetRunningObjectTable
CoCreateInstance
StgIsStorageFile
StgOpenStorage
CoTaskMemFree
CreateItemMoniker
StgCreateDocfile
CreateBindCtx
CoUninitialize
CoInitialize

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

advapi32

GetUserNameA
RegEnumValueA
RegSetValueExA
CryptHashData
CryptCreateHash
RegCreateKeyExA
CryptDestroyHash
CryptGetHashParam
CryptEncrypt
CryptImportKey
CryptReleaseContext
RegEnumKeyExA
CryptDestroyKey
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68339a03b96a0b6d412d26e89e1b1f1b

Headers

File Characteristics

Imports

shell32

kernel32

gdi32

user32

ole32

iphlpapi

wininet

advapi32

setupapi

winmm

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 228KB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 228KB