3a8d01303ba6a8ef9edf71140879ded7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a8d01303ba6a8ef9edf71140879ded7_JaffaCakes118
Size

67KB
MD5

3a8d01303ba6a8ef9edf71140879ded7
SHA1

206f9e685f1582912a2cde05168b0415a2539476
SHA256

538817d3bb29dfa8cb514f0b9168e3cf337aac3dad7bc086f18e4642b1b914ae
SHA512

26aa479c79744f65dc7da88710458e31efd7dcedf44e7f40bb4a8cc529262e55d09b3bbbb904421b63464cccbded507ebf1e4a37a9f3554a8dc613c80d135eb6
SSDEEP

768:yFIsXHJopY2NLB/llhWePy/TkqADLrpvg/RWV7hy+0t17mU6MjBjL/IsoX:yF9CS4Lz7IbkqA7C/UdPqqc5r2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a8d01303ba6a8ef9edf71140879ded7_JaffaCakes118

Files

3a8d01303ba6a8ef9edf71140879ded7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f0a0094d96589ef0e002aab10e4d671

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
GetTickCount
GetCurrentProcess
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
HeapCreate
ExitProcess
GetModuleFileNameA
GetEnvironmentStringsW
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
CreateMutexW
GetProcAddress

user32

GetSystemMetrics
RemoveMenu
GetCursorPos
LoadCursorW
PeekMessageA
EnumClipboardFormats
CharNextA
AppendMenuW
CreateWindowExW
SetMenu
IsChild
wsprintfA
CopyIcon
MessageBoxA
MessageBoxIndirectA
GetClassInfoExA
SetWindowPos
CheckMenuItem
EnableWindow
ShowCursor
GetMessageW
SetCursor
GetDlgItemTextA
GetMenuStringA
GetClassInfoA
LoadImageW
RegisterWindowMessageW
UnregisterClassW
PostQuitMessage
RegisterClassA
GetMenuItemID
WinHelpW
DialogBoxParamA
OffsetRect
wsprintfW
GetCapture
GetForegroundWindow
MessageBeep

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW

polstore

IPSecAllocPolMem
IPSecCopyNFAData
IPSecDeleteNFAData
IPSecSetNFAData
IPSecUnassignPolicy
IPSecFreeMulFilterData
IPSecCreateNegPolData
IPSecCopyISAKMPData
IPSecExportPolicies
IPSecEnumFilterData
IPSecAssignPolicy
IPSecDeleteISAKMPData
IPSecFreePolStr
IPSecCreateFilterData

newdev

InstallSelectedDriver
InstallNewDevice

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EcMc
Size: 3KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 10KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cYS
Size: 2KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SEr
Size: 2KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f0a0094d96589ef0e002aab10e4d671

Headers

File Characteristics

Imports

kernel32

user32

advapi32

polstore

newdev

Sections

.text Size: 7KB - Virtual size: 7KB

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 42KB

.EcMc Size: 3KB - Virtual size: 611KB

.edata Size: 10KB - Virtual size: 77KB

.cYS Size: 2KB - Virtual size: 86KB

.data Size: 7KB - Virtual size: 120KB

.edata Size: 12KB - Virtual size: 32KB

.SEr Size: 2KB - Virtual size: 380KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 42KB

.EcMc
Size: 3KB - Virtual size: 611KB

.edata
Size: 10KB - Virtual size: 77KB

.cYS
Size: 2KB - Virtual size: 86KB

.data
Size: 7KB - Virtual size: 120KB

.edata
Size: 12KB - Virtual size: 32KB

.SEr
Size: 2KB - Virtual size: 380KB

.rsrc
Size: 2KB - Virtual size: 1KB