69e1a58b1fc2fcefb12f56cd71372117_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69e1a58b1fc2fcefb12f56cd71372117_JaffaCakes118
Size

358KB
MD5

69e1a58b1fc2fcefb12f56cd71372117
SHA1

ef248cbd427fb75824d1e533e02e5c41f6814fd9
SHA256

8d59f5cf2e632bc4345f33a5603f2b1ffd32da0fa0776be97860cfcb8a3511e9
SHA512

33554b479c4ca73c998db8fb795aaaebd396bfa78abf59906f59ee732f6915590de28e741f89c3806b0055494d7ddfe5299859b0d578b3c1defb3776ec522d08
SSDEEP

6144:A5GezrkkFwtwbJo9hW2s7mUdnJRXVL/jj+FTzV9rGWmAwHd0z4WnGiMNedAgOUBq:YQey9hJtiJR5wV9lmA2JWLM6r4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69e1a58b1fc2fcefb12f56cd71372117_JaffaCakes118

Files

69e1a58b1fc2fcefb12f56cd71372117_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46ebbc1ae14bc3bf34a0a6bbda7e0d6f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeregisterEventSource
GetTokenInformation
LookupAccountSidW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegisterEventSourceW
ReportEventW

gdi32

DeleteObject

kernel32

CloseHandle
CompareStringW
CreateEventW
CreateFileMappingW
CreateFileW
CreateThread
DeleteCriticalSection
DeleteFileW
DisableThreadLibraryCalls
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesW
GetFileSize
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPriorityClass
GetProcAddress
GetProcessHeap
GetSystemDefaultLCID
GetSystemDefaultUILanguage
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
GetUserDefaultUILanguage
GetVersion
GetVersionExW
GlobalAlloc
GlobalFree
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
IsDebuggerPresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
MoveFileW
MultiByteToWideChar
OpenMutexW
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReleaseMutex
ReleaseSemaphore
SearchPathW
SetEvent
SetLastError
SetPriorityClass
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiW
lstrlenA
lstrlenW

msi

ord109

ole32

StgOpenStorageOnILockBytes
PropVariantCopy
PropVariantClear
CreateStreamOnHGlobal
CoWaitForMultipleHandles
StringFromGUID2
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoCreateInstance
CLSIDFromString
CoUninitialize

oleaut32

LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
VariantClear
VariantInit
RegisterTypeLi

user32

LoadStringW
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
CharNextW

Exports

Exports

FreeGlobalObjects
GetContextSpellingSession
GetNextToken
RunCssWordBreaker

Sections

.text
Size: 290KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46ebbc1ae14bc3bf34a0a6bbda7e0d6f

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

msi

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 290KB - Virtual size: 292KB

.rdata Size: 40KB - Virtual size: 40KB

.data Size: 13KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 290KB - Virtual size: 292KB

.rdata
Size: 40KB - Virtual size: 40KB

.data
Size: 13KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 8KB