9577c1cf6c8c17baa8e737f0a9f699a5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9577c1cf6c8c17baa8e737f0a9f699a5_JaffaCakes118
Size

231KB
MD5

9577c1cf6c8c17baa8e737f0a9f699a5
SHA1

6879996d2a02fa2e1be5097ec7f11a29a354c69d
SHA256

b033137a02f8372ac2dc41fce3513c8b328c41bd1327fc947bbc1ab5c2201df9
SHA512

dba5a61d3a9833d1bcb0508a8c205a83174cc1b4762ff3da21ced6f86c1d84de6bb3a61c17bbc68f8dbe9f64930b3fb5c6cd7f4a6aae24d1193b7fdbcc092c53
SSDEEP

3072:g5LFmpWcuHBS8CVaHnBsC8PPuWAfeWUTAaolaAkPXxnLh5DunnxHRna2vRZhNoJ:gDhcySdonBuPPbWboAkPdrKxHtZK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9577c1cf6c8c17baa8e737f0a9f699a5_JaffaCakes118

Files

9577c1cf6c8c17baa8e737f0a9f699a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d698cebf7e32f534e81ca582979a27e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapCreate
MapViewOfFile
GetEnvironmentVariableW
InitializeCriticalSection
HeapFree
GetCurrentProcessId
SearchPathW
GetVersionExA
GetModuleHandleW
LCMapStringA
SetErrorMode
GetEnvironmentStrings
GetLocalTime
GetCurrentThreadId
GetDriveTypeW
SetStdHandle
GetProcessHeap
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedDecrement
GetTickCount
GetVersionExW
HeapReAlloc
LeaveCriticalSection
FindResourceW
GetStartupInfoA
InterlockedExchange
ExpandEnvironmentStringsA
GetProcAddress
SystemTimeToFileTime
LocalFree
HeapAlloc
LCMapStringW
WriteFile
GetSystemTime
RtlUnwind
InterlockedCompareExchange
GetFileAttributesW
ExitProcess
InterlockedIncrement
CreateSemaphoreW
CreateThread
TlsGetValue
ReadFile
FreeLibrary
OutputDebugStringW
CloseHandle
SetConsoleCP
VirtualProtect
CreateProcessW
MultiByteToWideChar
DeleteFileW
SetEvent
TerminateThread
GetStringTypeA
VirtualFree
FindClose
LoadLibraryW
TlsFree
CreateFileA
GetSystemTimeAsFileTime
FindResourceA
EnterCriticalSection
GetACP
GetCPInfo
GetOEMCP
FlushFileBuffers
WideCharToMultiByte
GetStdHandle
UnhandledExceptionFilter
SetLastError
GetShortPathNameA
LoadLibraryA
lstrlenA
OutputDebugStringA
LoadResource
CompareStringA
DeleteCriticalSection
GetVersion
GetFileType
QueryPerformanceCounter
GetCommandLineA

user32

SetRect
SetWindowPos
LoadCursorW
ReleaseDC
GetDlgItem
UnregisterClassA
CheckDlgButton
CharNextA
OpenClipboard
GetWindowLongA
LoadIconA
DestroyMenu
LoadCursorA
InvalidateRect
EnableWindow
GetClassNameW
GetParent
RegisterClassW
PostQuitMessage
IsWindowEnabled
SetWindowLongW
DefWindowProcA
IsChild
GetCursorPos
GetDC
GetWindowDC
GetNextDlgTabItem
SystemParametersInfoA
GetWindowLongW
FindWindowW
SetCursor
SendDlgItemMessageA
DefWindowProcW

rpcrt4

RpcStringFreeW

msvcrt

_errno
calloc
qsort
_initterm
?what@exception@@UBEPBDXZ
memset
__p__fmode
_stricmp
_adjust_fdiv
__dllonexit
??2@YAPAXI@Z
_iob
_XcptFilter
_cexit
?terminate@@YAXXZ

gdi32

DeleteObject
GetPixel
SelectObject
MoveToEx
GetDeviceCaps
GetStockObject
GetDIBits
CreateDIBSection
PatBlt

advapi32

RegQueryValueExA
InitializeAcl
RegSetValueExW
EqualSid
RegSetValueExA
RegOpenKeyW
RegDeleteValueA
RegQueryValueExW
FreeSid

ole32

StringFromGUID2
CoCreateInstance

version

GetFileVersionInfoSizeW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 942B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d698cebf7e32f534e81ca582979a27e6

Headers

File Characteristics

Imports

kernel32

user32

rpcrt4

msvcrt

gdi32

advapi32

ole32

version

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 178KB - Virtual size: 426KB

.rsrc Size: 1024B - Virtual size: 942B

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 178KB - Virtual size: 426KB

.rsrc
Size: 1024B - Virtual size: 942B