71a06969070d24c55563b37639c2ce35_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71a06969070d24c55563b37639c2ce35_JaffaCakes118
Size

185KB
MD5

71a06969070d24c55563b37639c2ce35
SHA1

501066a3a3d376c1dc81ec9de80c7b4515e9ad4d
SHA256

09971e3e1997bc4a508e8e5909fd813ef09c7350e0ca44542187dcd99070eefb
SHA512

38f65d82482a0a008e02fc94a152ee3c227280ed2281dd2226df166a0b9e3573c8805948ad4eef278832c43ac287581c31103ae0f7f2a4a11a80fae7173fdbbe
SSDEEP

3072:f7lujtvHzduSoMmkeMhx7CTEAo4qQGiYyq2lPYVvsCvcGKAGRF/gi6FZG0T2rwcf:fkjtvHUSoMmBMTe84qQGiYT2lgVvsC0C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71a06969070d24c55563b37639c2ce35_JaffaCakes118

Files

71a06969070d24c55563b37639c2ce35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c270d913576c85c0f9becf9bc467f2b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLastError
CreateFiberEx
DefineDosDeviceA
GetSystemTime
Sleep
GetPrivateProfileStringA
DeviceIoControl
FreeLibrary
WaitForMultipleObjects
LocalAlloc
GetDiskFreeSpaceA
CreateFileA
GetSystemDirectoryA
OutputDebugStringA
LocalFree
InterlockedIncrement
QueryDosDeviceA
LeaveCriticalSection
GlobalMemoryStatus
EnterCriticalSection
GetModuleFileNameA
GetDevicePowerState
GetLocaleInfoA
CreateThread
VirtualQuery
GetFileAttributesA
GetSystemInfo
WaitForSingleObject
ReadFile
LoadLibraryExA
DeleteFileA
QueryPerformanceCounter
IsBadWritePtr
EnumResourceNamesW
IsBadReadPtr
GetModuleHandleA
GetCurrentProcessId
GetThreadPriority
SetLastError
CreateMutexA
DeleteCriticalSection
GetACP
SetEvent
GetCurrentThread
CreateEventA
LoadLibraryA
CloseHandle
WriteFile
GetComputerNameA
ResetEvent
GetLocalTime
GetCurrentThreadId
GetTempPathA
SetThreadPriority
GetWindowsDirectoryA
lstrlenA
FlushFileBuffers
GetTickCount
CompareStringA
CreateDirectoryA
_llseek
InterlockedExchange
VirtualFree
InterlockedDecrement
FlushInstructionCache
InitializeCriticalSection
VirtualAlloc
GetVersion
CreateSemaphoreA
GetVersionExA
CreateProcessA
ReleaseMutex

ole32

CoUninitialize
StgIsStorageFile
CoTaskMemAlloc
StringFromGUID2
GetRunningObjectTable
CoCreateInstance
CreateBindCtx
BindMoniker
CoTaskMemFree
StgOpenStorage
CreateItemMoniker
StgCreateDocfile
CoInitialize

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

winmm

timeGetTime
timeSetEvent

gdi32

CreateDIBitmap

user32

ShowWindow
PostThreadMessageA
RealGetWindowClassA
CreateDialogParamA
ReleaseDC
GetDesktopWindow
MsgWaitForMultipleObjects
RegisterWindowMessageA
DispatchMessageA
DestroyWindow
GetQueueStatus
GetDC
PeekMessageA
wsprintfA
wvsprintfA

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

iphlpapi

GetAdaptersInfo
GetBestInterface
SendARP

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegEnumValueA
RegSetValueExA
CryptHashData
GetUserNameA
RegCreateKeyExA
CryptImportKey
RegQueryValueExA
CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
RegEnumKeyExA
CryptGetHashParam
RegCloseKey

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c270d913576c85c0f9becf9bc467f2b6

Headers

File Characteristics

Imports

kernel32

ole32

shell32

winmm

gdi32

user32

setupapi

iphlpapi

wininet

advapi32

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 22KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 76KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 22KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 76KB