8c40a57b91991b848729fb4f20cb645d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c40a57b91991b848729fb4f20cb645d_JaffaCakes118
Size

257KB
MD5

8c40a57b91991b848729fb4f20cb645d
SHA1

0cb526dd22deb40731505ae163f8544afa3b8805
SHA256

89d211cf7b4edc89e8e0f799c9d7e3b78bb160500e64c70b194ee598c5f814a2
SHA512

b2aa8b21d62c5436f77c162a71b1769f4fb539e046078efa68b86145ae4e81a9425acbc057a9fa2547856a46f71365f51264965d63ecefb201893721822e596c
SSDEEP

6144:pZTlnN3HxAhazaSK4QM5HTPmOFGOGt/HqixmyYVgGo5n:LUM5LFfG5dfl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c40a57b91991b848729fb4f20cb645d_JaffaCakes118

Files

8c40a57b91991b848729fb4f20cb645d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

050afd4377373813224987acb5135daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupCloseInfFile
SetupCopyOEMInfW
SetupDiGetINFClassW
SetupGetInfFileListW
SetupOpenInfFileW
SetupUninstallOEMInfW
SetupGetLineTextW

ole32

CoUninitialize
StringFromGUID2
CoTaskMemFree
CoInitialize
CoInitializeEx
CoCreateInstance

user32

DispatchMessageW
GetMessageW
IsWindowUnicode
GetMessageA
MsgWaitForMultipleObjectsEx
PeekMessageW
DispatchMessageA
TranslateMessage

kernel32

VirtualAlloc
DeleteCriticalSection
VerSetConditionMask
CreateEventW
FlushFileBuffers
TlsGetValue
WriteConsoleA
CloseHandle
SetHandleCount
GetCurrentThreadId
ExitThread
OutputDebugStringW
GetConsoleCP
GetCommandLineW
GetSystemInfo
FreeLibrary
GetModuleHandleW
GetConsoleMode
LCMapStringA
SetUnhandledExceptionFilter
LCMapStringW
GetModuleHandleA
HeapDestroy
GetSystemDirectoryW
SizeofResource
ReadFile
DeleteFileW
VerifyVersionInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
LoadResource
TerminateThread
LocalFree
RtlUnwind
UnhandledExceptionFilter
OpenProcess
GetConsoleOutputCP
FindResourceW
GetFileSize
EnterCriticalSection
WaitForMultipleObjects
lstrlenW
SetLastError
HeapFree
SetFilePointer
GetStdHandle
WriteFile
IsDebuggerPresent
HeapSize
LeaveCriticalSection
CreateThread
HeapReAlloc
WaitForSingleObject
GetSystemTimeAsFileTime
GetLocalTime
WriteConsoleW
GetACP
LoadLibraryExW
VirtualFree
GetOEMCP
GetProcessHeap
TlsSetValue
TlsAlloc
ResetEvent
FreeEnvironmentStringsW
CreateFileW
LockResource
IsValidCodePage
SetStdHandle
HeapAlloc
TlsFree
WideCharToMultiByte
ResumeThread
CreateFileA
RaiseException
SetFileAttributesW
FindResourceExW
GetFullPathNameA
VirtualAllocEx
LocalAlloc

shell32

SHGetFolderPathW
CommandLineToArgvW
SHGetSpecialFolderPathW

advapi32

RegEnumValueW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
TraceMessage
RegDeleteValueW

shlwapi

SHCopyKeyW
PathIsUNCServerW
PathStripPathW
SHDeleteKeyW
PathFileExistsW
PathAppendW
PathAddBackslashW
PathRemoveFileSpecW

dbghelp

MakeSureDirectoryPathExists
SymEnumerateSymbolsW
SymLoadModuleEx
ImageRvaToVa
SymGetSymNext
SymLoadModule64
SymGetTypeFromName
SymGetLineNext64
UnDecorateSymbolName
SymSetContext
SymGetModuleInfo
SymGetSymFromAddr64
EnumerateLoadedModules
SymGetSymPrev64

printui

PrinterPropPageProvider
DocumentPropertiesWrap
vDocumentDefaults

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RSrv
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MoDk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IiUjAp
Size: 1024B - Virtual size: 929B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OaRtLe
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FGIB
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JGVDv
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FiyYSmH
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

050afd4377373813224987acb5135daa

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ole32

user32

kernel32

shell32

advapi32

shlwapi

dbghelp

printui

Sections

.text Size: 97KB - Virtual size: 97KB

.RSrv Size: 2KB - Virtual size: 1KB

.MoDk Size: 4KB - Virtual size: 4KB

.IiUjAp Size: 1024B - Virtual size: 929B

.data Size: 6KB - Virtual size: 173KB

.rdata Size: 129KB - Virtual size: 128KB

.OaRtLe Size: 1KB - Virtual size: 1KB

.FGIB Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.JGVDv Size: 5KB - Virtual size: 4KB

.FiyYSmH Size: 3KB - Virtual size: 2KB

.text
Size: 97KB - Virtual size: 97KB

.RSrv
Size: 2KB - Virtual size: 1KB

.MoDk
Size: 4KB - Virtual size: 4KB

.IiUjAp
Size: 1024B - Virtual size: 929B

.data
Size: 6KB - Virtual size: 173KB

.rdata
Size: 129KB - Virtual size: 128KB

.OaRtLe
Size: 1KB - Virtual size: 1KB

.FGIB
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.JGVDv
Size: 5KB - Virtual size: 4KB

.FiyYSmH
Size: 3KB - Virtual size: 2KB