6a63fd3cbe577a62416799520544cb13_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a63fd3cbe577a62416799520544cb13_JaffaCakes118
Size

375KB
MD5

6a63fd3cbe577a62416799520544cb13
SHA1

6f3220a2d32659855ae395cc8a0e65e1a8261038
SHA256

98b711c68c4883b3990d0488a4cbb99ace5bbdfc131fe69ba6556b833b84208a
SHA512

4507331a4105e940f5a6fa2ed2eba9d42d7c4d499a8bf282dbbcc5e8db7769a17b82c4836c2320f1661ec20923b2d01ed069665c1dc3d548705c8f23f750953c
SSDEEP

6144:XhuBCExt73q/xzzs3eInUkEBZFlW5dD5oHLB+awiDmzZg6FFRTpBAemc5lt296Df:xuBCEx53qpYOInuZWr5oHdXwcKg6DRN3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a63fd3cbe577a62416799520544cb13_JaffaCakes118

Files

6a63fd3cbe577a62416799520544cb13_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e1ff9dbb16c9b53a41129eca59c37332

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
_purecall
free
__CxxFrameHandler
wcscmp
_adjust_fdiv
__dllonexit
wcslen
_wtol
??2@YAPAXI@Z
qsort
_except_handler3
_vsnwprintf
_initterm
_onexit
malloc
?terminate@@YAXXZ

kernel32

EnterCriticalSection
SetEvent
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
lstrlenW
SetLastError
ResetEvent
GetTempPathW
CreateFileW
CloseHandle
WriteFile
LeaveCriticalSection
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
GetDriveTypeW
GetVolumePathNameW
GetFileType
CreateEventW
FlushFileBuffers
GetModuleFileNameW
GetSystemTime
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
ReleaseMutex
CreateMutexW
GetSystemWindowsDirectoryW
GetSystemDirectoryW
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
HeapFree
HeapAlloc
GetProcessHeap
VerifyVersionInfoW
GetLastError
GetProcAddress
GetModuleHandleW
GetSystemInfo
HeapReAlloc
CompareStringW
GetFileAttributesW
CreateDirectoryW
FindNextFileW
WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
MoveFileExW
DeleteFileW
RemoveDirectoryW
FindClose
SetFileAttributesW
FindFirstFileW
FreeLibrary
ExpandEnvironmentStringsW
ReadFile
GetFileSize
SystemTimeToFileTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime

user32

CharUpperW
CharNextW

wininet

InternetAttemptConnect
InternetGetConnectedState
InternetAutodialHangup

shell32

SHGetFileInfoW

ole32

CoUninitialize
CoCreateInstance
CoWaitForMultipleHandles
StringFromGUID2
CoCreateGuid
CoInitializeEx

oleaut32

VariantTimeToSystemTime
SysAllocString
SysFreeString
SysStringLen
VariantInit

advapi32

IsValidSid
CopySid
AllocateAndInitializeSid
RegCloseKey
RegOpenKeyExW
RegOpenCurrentUser
RegQueryValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
RegOpenKeyW
InitializeAcl
GetLengthSid
GetUserNameW
FreeSid

shlwapi

PathIsRelativeW
StrChrW
StrRChrW
wnsprintfA
PathStripToRootW
PathIsUNCW
PathIsRootW

wintrust

WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperProvDataFromStateData

crypt32

CertGetCertificateContextProperty
CryptHashPublicKeyInfo

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdggg
Size: 173KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ggu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdggu
Size: 173KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1ff9dbb16c9b53a41129eca59c37332

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

wininet

shell32

ole32

oleaut32

advapi32

shlwapi

wintrust

crypt32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 8KB

.gdggg Size: 173KB - Virtual size: 176KB

.ggu Size: 512B - Virtual size: 4KB

.gdggu Size: 173KB - Virtual size: 216KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 8KB

.gdggg
Size: 173KB - Virtual size: 176KB

.ggu
Size: 512B - Virtual size: 4KB

.gdggu
Size: 173KB - Virtual size: 216KB

.rsrc
Size: 3KB - Virtual size: 3KB