c1c39041f0565e85ff8d50cea3abc424_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c1c39041f0565e85ff8d50cea3abc424_JaffaCakes118
Size

2.4MB
MD5

c1c39041f0565e85ff8d50cea3abc424
SHA1

ea185f34a66c69eaff1dcd1898c8bc7cf8ba5cf0
SHA256

f6adb046a0c582629d44e745f33f947d52deac812c9157406ccc6013b429acb4
SHA512

44006ceb11e9bd484ca71a980e256da2ec7e6e4474e033749d8689069da516b20dd93f884e574b0ed6c545b8f51b10619047bb3e1c04a94cae5e7eb54948ffd4
SSDEEP

24576:xtJY4DR5DRmt5Z8IOYTSLDeIf1xaPdCgt9Fetz1DfpuXeJEr:xtJYyRmZ+tTHUefD0uJEr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1c39041f0565e85ff8d50cea3abc424_JaffaCakes118

Files

c1c39041f0565e85ff8d50cea3abc424_JaffaCakes118
.exe windows:5 windows x86 arch:x86

df4fc444ae32189760fa193e6a1fc888

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

DeleteSecurityContext
FreeContextBuffer
TranslateNameW
InitializeSecurityContextW

kernel32

DecodePointer
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetVersion
GlobalFree
VirtualAlloc
CloseHandle
FileTimeToLocalFileTime
TlsAlloc
CreateMutexW
CreateEventW
GlobalFindAtomW
GetFullPathNameW
DeleteFileW
FindNextFileW
CopyFileW
GetVersionExW
IsValidCodePage
GetUserGeoID
GetConsoleWindow
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsDebuggerPresent
GetModuleHandleW
TlsFree
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
CreateFileW
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue

user32

CopyIcon
DestroyCursor
LoadBitmapW
GetLastActivePopup
SetParent
SetRectEmpty
GetSysColor
GetScrollInfo
SetWindowRgn
GetDCEx
AppendMenuW
GetSubMenu
SetMenu
SetFocus
CharLowerW
RegisterClipboardFormatW
ShowWindow
GetClassInfoExW
PostMessageW
TranslateMessage
RegisterRawInputDevices
DdeGetData
DdeAccessData
GetScrollPos

psapi

GetDeviceDriverBaseNameW
EnumDeviceDrivers
GetModuleFileNameExW

mpr

WNetOpenEnumW

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.40b0h
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.elo5w2
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5nhduw
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df4fc444ae32189760fa193e6a1fc888

Headers

File Characteristics

Imports

secur32

kernel32

user32

psapi

mpr

Sections

.text Size: 119KB - Virtual size: 119KB

.data Size: 1.1MB - Virtual size: 7.8MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.40b0h Size: 120KB - Virtual size: 120KB

.elo5w2 Size: 365KB - Virtual size: 364KB

.5nhduw Size: 309KB - Virtual size: 309KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 119KB - Virtual size: 119KB

.data
Size: 1.1MB - Virtual size: 7.8MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.40b0h
Size: 120KB - Virtual size: 120KB

.elo5w2
Size: 365KB - Virtual size: 364KB

.5nhduw
Size: 309KB - Virtual size: 309KB

.rsrc
Size: 362KB - Virtual size: 362KB