624d37eee823fbe42a32f2baac2583bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

624d37eee823fbe42a32f2baac2583bb_JaffaCakes118
Size

153KB
MD5

624d37eee823fbe42a32f2baac2583bb
SHA1

6ed1a0be46efb40c982b7f14637e4e4d1a768476
SHA256

4d46499b285c70c6fd89195bfd5f2a2f4adc9064e8322f9a16556bc8441245d5
SHA512

c400014c840e14947a505de2574b886a081366e64555907640683b24b656737e6924775e9eebb7e1cfa473aa78b810f9e12779b209bc76148eec757c30335a07
SSDEEP

3072:USpe8bFVwRDPY1WiBPUeEKLG0Yu6nXULTiowVS3/uZjd5N9HwPrKXK/:3ee4RDPyLEKLBX6XUPr3u5jwjEK/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
624d37eee823fbe42a32f2baac2583bb_JaffaCakes118

Files

624d37eee823fbe42a32f2baac2583bb_JaffaCakes118
.exe windows:3 windows x86 arch:x86

c2d06a969a3324699fca047bedb9c8ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupFreeSourceListW
SetupDiEnumDeviceInfo
SetupQuerySourceListW
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW

kernel32

SetHandleCount
SetThreadUILanguage
GetCurrentProcessId
CreateProcessW
SetVolumeLabelW
LockFile
ExitProcess
CreateFileA
ScrollConsoleScreenBufferW
GlobalAddAtomA
DosPathToSessionPathW
BeginUpdateResourceA
BaseInitAppcompatCacheSupport
ReadConsoleOutputA
_lclose
GetNumaAvailableMemoryNode
GetVersionExA
HeapAlloc
IsBadReadPtr
InterlockedIncrement
InterlockedIncrement
GetStartupInfoA
GetOEMCP
InterlockedPushEntrySList
IsDebuggerPresent
WideCharToMultiByte
GetConsoleOutputCP
EnumCalendarInfoExW
GetTickCount
AddLocalAlternateComputerNameW
TlsSetValue
GetProcessHeap
WriteConsoleA
ScrollConsoleScreenBufferA
InterlockedExchange
DeleteFiber
SetThreadPriority
LCMapStringW
TlsAlloc
WriteConsoleW
RegisterWaitForInputIdle
UnhandledExceptionFilter
Sleep
GetVolumePathNamesForVolumeNameW
CreateEventA
FlushFileBuffers
GlobalGetAtomNameA
CopyFileW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetConsoleCharType
GetEnvironmentStringsW
GetWindowsDirectoryW
GetCommandLineA
GetFileType
GetACP
InterlockedDecrement
ReadConsoleA
GlobalMemoryStatus
IsBadWritePtr
IsBadCodePtr
RtlFillMemory
HeapCreate
SetFilePointer
GetProcessAffinityMask
GetCurrentProcess
GetConsoleMode
HeapReAlloc
OpenSemaphoreA
GetLastError
SetLastError
CopyFileW
WriteFileEx
TerminateProcess
GetConsoleDisplayMode
VirtualAlloc
ClearCommError
HeapFree
SetFirmwareEnvironmentVariableW
GlobalAlloc
EnterCriticalSection
FreeEnvironmentStringsW
GetVersionExW
SetStdHandle
GetStdHandle
_hwrite
EnterCriticalSection
GetLocaleInfoA
ReplaceFileW
DeactivateActCtx
GetCommandLineW
FreeEnvironmentStringsA
GetCPInfo
LCMapStringA
GetConsoleSelectionInfo
LocalAlloc
LeaveCriticalSection
SetFileTime
RtlUnwind
HeapDestroy
CloseHandle
RaiseException
Module32Next
SetUnhandledExceptionFilter
GetStringTypeW
LZCreateFileW
lstrlenW
GetStringTypeA
VirtualFree
DeleteCriticalSection
SetFileShortNameW
HeapLock
LocalFree
CancelWaitableTimer
GetPrivateProfileStringA
GetConsoleTitleW
HeapSize
GetSystemTimeAsFileTime
IsDebuggerPresent
EraseTape
QueryPerformanceCounter

advapi32

RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW

atl

AtlModuleInit
AtlAxCreateDialogW
DllUnregisterServer
AtlWaitWithMessageLoop
AtlRegisterClassCategoriesHelper
AtlAxWinInit
AtlGetObjectSourceInterface

utildll

ParseDecoratedAsyncDeviceName
IsPartOfDomain
RegGetNetworkServiceName

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nbkXS
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HnJu
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sOq
Size: 1KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Wcw
Size: 3KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vi
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RJ
Size: 2KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WDmC
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2d06a969a3324699fca047bedb9c8ed

Headers

File Characteristics

Imports

setupapi

kernel32

advapi32

atl

utildll

Sections

.text Size: 19KB - Virtual size: 18KB

.nbkXS Size: 2KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 4KB

.HnJu Size: 2KB - Virtual size: 35KB

.sOq Size: 1KB - Virtual size: 41KB

.Wcw Size: 3KB - Virtual size: 34KB

.data Size: 9KB - Virtual size: 25KB

.vi Size: 1KB - Virtual size: 3KB

.RJ Size: 2KB - Virtual size: 41KB

.WDmC Size: 1KB - Virtual size: 32KB

.rsrc Size: 102KB - Virtual size: 101KB

.text
Size: 19KB - Virtual size: 18KB

.nbkXS
Size: 2KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 4KB

.HnJu
Size: 2KB - Virtual size: 35KB

.sOq
Size: 1KB - Virtual size: 41KB

.Wcw
Size: 3KB - Virtual size: 34KB

.data
Size: 9KB - Virtual size: 25KB

.vi
Size: 1KB - Virtual size: 3KB

.RJ
Size: 2KB - Virtual size: 41KB

.WDmC
Size: 1KB - Virtual size: 32KB

.rsrc
Size: 102KB - Virtual size: 101KB