61996dc556f73861e44ac821f19be893_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

61996dc556f73861e44ac821f19be893_JaffaCakes118
Size

1.3MB
MD5

61996dc556f73861e44ac821f19be893
SHA1

c69894d1d84b76bb8ac41cd620c2be219aeb940c
SHA256

8e5da352480ca6ff051e862a187b2be67a9a1308572062bee1713f09b5606e25
SHA512

708e1d0702eacd1e58288cce92aa79d7ecbe57a56a7f06c59b8e4c235588798abf024004a25a344612724f34bfc013c5d24b0e8e4c455b0ce9942a3bd0e63479
SSDEEP

24576:1GQA9oUQRUVpUQchqt/QYDJ61STAaTUxLE6Z8VlskpyPjRFqttvI:K9ou95VDJ61STM5UVlskpyPjRFqtt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61996dc556f73861e44ac821f19be893_JaffaCakes118

Files

61996dc556f73861e44ac821f19be893_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4346952b335b9ef307ecdfb236e4afb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCtrlHandler
GetModuleFileNameA
TlsGetValue
WriteConsoleA
RemoveDirectoryA
SetConsoleTitleA
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetTimeZoneInformation
CreateMutexA
InitializeCriticalSection
MapViewOfFile
OpenFileMappingA
OpenSemaphoreA
OpenMutexA
UnmapViewOfFile
ReleaseSemaphore
CreateSemaphoreA
GetCurrentThreadId
GetCurrentProcessId
CreateFileMappingA
GetProcessWorkingSetSize
GetCurrentProcess
SetProcessWorkingSetSize
VirtualLock
VirtualUnlock
DeviceIoControl
GetTickCount
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
CreateDirectoryA
SetFileAttributesA
GetShortPathNameA
GetPriorityClass
SetPriorityClass
Sleep
GetCurrentThread
SuspendThread
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetExitCodeThread
CreateEventA
ResetEvent
SetEvent
WaitForMultipleObjects
PulseEvent
OpenEventA
ReadFile
SetFilePointer
WriteFile
SetEndOfFile
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetSystemTime
IsDebuggerPresent
GetModuleHandleA
GetFileInformationByHandle
SetFileTime
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
VirtualAlloc
VirtualFree
GetDiskFreeSpaceA
GetVolumeInformationA
QueryDosDeviceA
GetDriveTypeW
QueryPerformanceCounter
QueryPerformanceFrequency
OutputDebugStringA
SetLastError
GetDiskFreeSpaceExA
GetTempFileNameA
GetTempPathA
GlobalMemoryStatus
GetVersion
DeleteCriticalSection
InterlockedExchange
RtlUnwind
GetLocalTime
RaiseException
TerminateProcess
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentDirectoryA
SetCurrentDirectoryA
MoveFileA
SetEnvironmentVariableA
CreateThread
ExitThread
FatalAppExitA
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
HeapSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
GetOEMCP
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoW
DeleteFileA
GetFullPathNameA
GetNumberOfConsoleInputEvents
PeekConsoleInputA
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
GetSystemDirectoryA
GetComputerNameA
GetSystemDefaultLangID
FormatMessageA
GetFileSize
SystemTimeToFileTime
LocalFileTimeToFileTime
LeaveCriticalSection
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GetLogicalDrives
GetDriveTypeA
WaitForSingleObject
ReleaseMutex
CreateFileA
GetLastError
FlushFileBuffers
CloseHandle
GetOverlappedResult
GetVolumeInformationW
LocalAlloc
LocalFree

user32

MessageBoxA
RegisterClassExA
DestroyWindow
IsWindow
UnregisterClassA
BeginPaint
EndPaint
PostQuitMessage
GetWindowLongA
DefWindowProcA
MsgWaitForMultipleObjects
CreateWindowExA
SetWindowLongA
DispatchMessageA
PeekMessageA
ExitWindowsEx

advapi32

SetServiceStatus
StartServiceCtrlDispatcherA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegFlushKey
RegOpenKeyExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegisterServiceCtrlHandlerA
CloseServiceHandle
RegisterEventSourceA
ReportEventA
DeregisterEventSource
OpenSCManagerA
OpenServiceA
ControlService

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shlwapi

SHDeleteKeyA

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

Sections

.text
Size: 980KB - Virtual size: 980KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 128KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4346952b335b9ef307ecdfb236e4afb5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

shlwapi

ole32

Sections

.text Size: 980KB - Virtual size: 980KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 128KB - Virtual size: 202KB

.tls Size: 4KB - Virtual size: 60B

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 980KB - Virtual size: 980KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 128KB - Virtual size: 202KB

.tls
Size: 4KB - Virtual size: 60B

.rsrc
Size: 104KB - Virtual size: 104KB