85ae6abc0714f070cdf70335d752fc75_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85ae6abc0714f070cdf70335d752fc75_JaffaCakes118
Size

67KB
MD5

85ae6abc0714f070cdf70335d752fc75
SHA1

e64f091f490b798e1f97a989b4c8342c0e9b4ae2
SHA256

ed2c5e3502f68ae0f65760083ad1a841d4a78e47cdeb1b5123ad3e289d6666ba
SHA512

71aa32964616cd06ff0a44ebb65509db8c508c22729ddc0b0b3cfa1a82c8b02ade4e178d2eea1f835a4d16d9e2c294b863b37e33e84386f072083892924664cc
SSDEEP

1536:SyGKS7HdEluZzYUbXRAumQQ+qLDuQpCFhXn4ytDhjoL+yB2SafyAL:zGKS7HSwFbBAJruhX4yt6t2AAL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85ae6abc0714f070cdf70335d752fc75_JaffaCakes118

Files

85ae6abc0714f070cdf70335d752fc75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b2e1190c4cfecf45785a32e3cf103cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
FindNextVolumeA
lstrlenA
GetCurrentProcessId
FindNextVolumeW
GetVolumeInformationA
GetProcessPriorityBoost
GetCalendarInfoA
CreateTimerQueueTimer
GetProcessVersion
WaitCommEvent
GetExitCodeThread
PurgeComm
GetTempPathA
IsValidCodePage
_hwrite
FindNextVolumeMountPointA
FindVolumeClose
CloseHandle
IsDebuggerPresent
GetPrivateProfileStructA
IsProcessorFeaturePresent
TermsrvAppInstallMode
OpenJobObjectA
GetProcessWorkingSetSize
GetDefaultCommConfigA
GetProcessHeaps
SetFileAttributesA
SetPriorityClass
GetVolumePathNameA
IsValidLanguageGroup
GetTimeFormatA
PeekConsoleInputA
GetCommandLineA
GetSystemDefaultLangID
FindResourceExA
GetConsoleOutputCP
GetLocaleInfoA
SetConsoleCursorMode
MoveFileExA
GetProfileSectionA
QueryDosDeviceA
SetConsoleMenuClose
SetConsoleIcon
FreeResource
BuildCommDCBA
OpenSemaphoreA
lstrcpy
SetSystemPowerState
GlobalMemoryStatus
RaiseException
WriteConsoleOutputA
CreateDirectoryExA
Process32Next
GetDevicePowerState
GetConsoleAliasA
GetCPInfo
GetStringTypeExW
SetLocalPrimaryComputerNameA
SizeofResource
SetVolumeLabelW
GetConsoleMode
GetFileTime
SetConsoleFont
GetThreadTimes
GetCommProperties
QueryInformationJobObject
GetCurrencyFormatA
GetDiskFreeSpaceExA
GetComputerNameA
GetFileAttributesA
GetConsoleCursorInfo
EnumSystemGeoID
LocalAlloc
VirtualProtect
RegisterWaitForSingleObject
WriteConsoleOutputCharacterA
ResetEvent
IsBadReadPtr
GetConsoleTitleA
GetCommModemStatus
ReadConsoleOutputA
CreateEventA
CreateFileMappingA
ExitVDM
SetUserGeoID
DisconnectNamedPipe
ReadConsoleOutputCharacterA
CloseConsoleHandle
SetVolumeMountPointA
GetEnvironmentStringsA
lstrcpynA
ClearCommError
GetSystemDirectoryA
SetConsoleCursorInfo
GetDriveTypeA
SetConsoleScreenBufferSize
VirtualAlloc
WriteFileGather
GetProfileStringA
SetCommConfig
GlobalUnlock
GlobalAddAtomA
SetVolumeLabelA
GetWindowsDirectoryA
GetModuleFileNameA

dhcpcsvc

DhcpUndoRequestParams

odbc32

SQLExecute
SQLSetStmtAttr

d3d9

Direct3DCreate9

Exports

Exports

IsJvkypfotuj
Bcqsgtdbak
GetHcsrihyix
WriteKdmtwbkfobm
ReadTcxkgrilcyu
Wivgbrrjipq
CloseBqifphme
Igtvjpnbjtq
Gayoelvgcof
Kinpfgcjtxa
Agubhjida
ReadWiektvw
InitYftmbtmcjql
GetBjicnshd
AddLpeqmns
Mmlppclhny
GetWdhovqx
Qbduxgeiw

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b2e1190c4cfecf45785a32e3cf103cb

Headers

File Characteristics

Imports

kernel32

dhcpcsvc

odbc32

d3d9

Exports

Exports

Sections

.text Size: 39KB - Virtual size: 39KB

.data Size: 1024B - Virtual size: 600B

.idata Size: 3KB - Virtual size: 2KB

.rdata Size: 21KB - Virtual size: 131KB

.edata Size: 512B - Virtual size: 472B

.rsrc Size: 1024B - Virtual size: 860B

.text
Size: 39KB - Virtual size: 39KB

.data
Size: 1024B - Virtual size: 600B

.idata
Size: 3KB - Virtual size: 2KB

.rdata
Size: 21KB - Virtual size: 131KB

.edata
Size: 512B - Virtual size: 472B

.rsrc
Size: 1024B - Virtual size: 860B