c90074b3dca0ae9d07f99157217bf102_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c90074b3dca0ae9d07f99157217bf102_JaffaCakes118
Size

1.5MB
MD5

c90074b3dca0ae9d07f99157217bf102
SHA1

73da43c837df1d26f9c9dc7b7ecebac870db39d9
SHA256

c026cd3700e2dffe01bbc4d6596873f06a2c31ec28a8776d0a745dd1e5ab970d
SHA512

473d72f79ba4abf81dcd05abd664016849e8132c8a01ae912c79bd5676b30633c9f82f69526a0098dfd70f33c76f48f93f7d78c4d3698f9270145ccc779a1aa5
SSDEEP

24576:qOQvWo+rfZ/cg2Ny9hsc/QgIXs9MULb4V7HkxPgFJn5DyMPC89SjVVa5U+Qq:LlpZ/cgyYhvIEfK7Eqp1ijVI5U+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c90074b3dca0ae9d07f99157217bf102_JaffaCakes118

Files

c90074b3dca0ae9d07f99157217bf102_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b1009f38737985eb068219d97d28f88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Temp\infa_tester\DownloadInfra\DownloadInfra\Release\DownloadInfra.pdb

Imports

kernel32

FreeLibrary
LoadLibraryExA
SetErrorMode
ResumeThread
SuspendThread
LoadLibraryA
GetCurrentProcess
GetCurrentThread
TerminateProcess
OpenProcess
GetTempPathA
GetCurrentDirectoryA
GetFullPathNameA
GetFileAttributesA
GetDriveTypeA
FileTimeToLocalFileTime
GetLocalTime
SetEndOfFile
CreateFileA
GetTimeZoneInformation
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
SetStdHandle
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
GetVersionExA
MoveFileExA
CopyFileA
GetProcAddress
DeleteFileA
GetDiskFreeSpaceA
lstrcpyA
lstrcatA
GetModuleHandleA
CreateMutexA
GetLastError
CreateDirectoryA
FindResourceA
LoadResource
LockResource
SizeofResource
CreateProcessA
CloseHandle
FileTimeToSystemTime
Sleep
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
ExitProcess
HeapFree
ExitThread
CreateThread
GetCurrentThreadId
HeapAlloc
GetStartupInfoA
GetCommandLineA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WriteFile
FlushFileBuffers
SetFilePointer
UnhandledExceptionFilter
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetLocaleInfoA
GetStringTypeA
GetStringTypeW

user32

SetForegroundWindow
GetMessageA
TranslateMessage
DispatchMessageA
LoadImageA
LoadIconA
LoadCursorA
RegisterClassExA
DefWindowProcA
DestroyWindow
PostQuitMessage
GetSystemMetrics
CreateWindowExA
ShowWindow
UpdateWindow
PostMessageA
BeginPaint
GetClientRect
DrawTextA
EndPaint
MessageBoxA
LoadStringA
InvalidateRect

gdi32

CreateCompatibleDC
SaveDC
SelectObject
BitBlt
SetBkColor
SetTextColor
RestoreDC
CreateSolidBrush

advapi32

ImpersonateSelf
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
OpenThreadToken

Exports

Exports

_Java_DownloadInfraNative_getMsgCentralAtendimento@8
_Java_DownloadInfraNative_getNomeInstalador@8
_Java_DownloadInfraNative_getNomePacote@8
_Java_DownloadInfraNative_getPathInstalacao@8
_Java_DownloadInfraNative_getPathLog@8
_Java_DownloadInfraNative_getPathTmp@8
_Java_DownloadInfraNative_setInicioServico@12
_Java_DownloadInfraNative_setLeiame@12
_Java_DownloadInfraNative_setStatusJvm@12

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b1009f38737985eb068219d97d28f88

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB