c238e9df519f3b01376d6a656d2295cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c238e9df519f3b01376d6a656d2295cd_JaffaCakes118
Size

3.4MB
MD5

c238e9df519f3b01376d6a656d2295cd
SHA1

0f1360b7c42fb8179ea8632fbf789238714200e6
SHA256

64a18faa717778abcd0ba6767a1f5f2702056329a08ded016ab9d27e6f05ec48
SHA512

4ec56a64fb2aaa169cd3356a7020691b36230f5583184c6bafb35e44cb8a7585e44e0daa6209d8815f11b86a7e785d3fd7c752ace3b3e373aef86d89fae95727
SSDEEP

24576:UDs1L9jxGZSQkfIOd++zc6u3hRlsDr5qGklEVsz:UDs1zXQkfTqxRlsDr5qGklX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c238e9df519f3b01376d6a656d2295cd_JaffaCakes118

Files

c238e9df519f3b01376d6a656d2295cd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

543afca65987c323da4265d4130a0b6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegCreateKeyExW

shlwapi

AssocCreate
StrCmpNW
StrFormatByteSizeW
StrStrW
StrRetToBufW
PathGetDriveNumberW
PathIsRelativeW
PathRemoveBackslashW
PathRemoveBlanksW
PathRemoveFileSpecW
PathCreateFromUrlW
SHSetValueW

user32

GetMenuItemInfoW
TrackPopupMenuEx
GetMenuItemCount
GetMenuState
SetTimer
SetCapture
DragDetect
GetFocus
SendDlgItemMessageW
EndDialog
DialogBoxParamW
CreateWindowExW
DefWindowProcW
PeekMessageW
DrawIcon
SetActiveWindow
ShowScrollBar
GetMenuContextHelpId
MessageBoxW
GetSysColor
EqualRect
DestroyIcon
DrawIconEx
GetMonitorInfoW
GetKeyboardType

winspool.drv

EnumFormsW

secur32

FreeContextBuffer

kernel32

CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
TlsFree
TlsSetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
GetVersion
GlobalAlloc
VirtualAlloc
ExitProcess
FreeEnvironmentStringsW
DeleteCriticalSection
MapViewOfFile
TlsGetValue
FindResourceExW
GetFullPathNameW
IsBadStringPtrW
GetVersionExW
GetCPInfo
CompareStringW
EnumUILanguagesW
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateFileW

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 827KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.m3roh2
Size: 590KB - Virtual size: 589KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.olea
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.p1la
Size: 870KB - Virtual size: 870KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lrigif
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

543afca65987c323da4265d4130a0b6a

Headers

File Characteristics

Imports

advapi32

shlwapi

user32

winspool.drv

secur32

kernel32

Sections

.text Size: 68KB - Virtual size: 68KB

.data Size: 827KB - Virtual size: 7.8MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.m3roh2 Size: 590KB - Virtual size: 589KB

.olea Size: 441KB - Virtual size: 440KB

.p1la Size: 870KB - Virtual size: 870KB

.lrigif Size: 287KB - Virtual size: 287KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 68KB - Virtual size: 68KB

.data
Size: 827KB - Virtual size: 7.8MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.m3roh2
Size: 590KB - Virtual size: 589KB

.olea
Size: 441KB - Virtual size: 440KB

.p1la
Size: 870KB - Virtual size: 870KB

.lrigif
Size: 287KB - Virtual size: 287KB

.rsrc
Size: 363KB - Virtual size: 362KB