d2ee9a1b9b4f2611d0c3c22575bcc6ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d2ee9a1b9b4f2611d0c3c22575bcc6ba_JaffaCakes118
Size

350KB
MD5

d2ee9a1b9b4f2611d0c3c22575bcc6ba
SHA1

d3a87705b1dd6e4400500345e6e708358247d249
SHA256

7597af129e1741e2d12133a9c4a52192f2decac3e3a04f81ea34ac265804d249
SHA512

eb790f71623ebaccd68960e1895cfb17ff3459ff4d3c32f6e1c3d965c06e0703a526dcf7d531725e19c469e69afbb1bd5ab5cde1d9cecae459a0f8a912960a2d
SSDEEP

6144:RukiCIXQRFUPRLLHpsn4kx4JMWmaF0oc:R0vXqFMFHps4k+euz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2ee9a1b9b4f2611d0c3c22575bcc6ba_JaffaCakes118

Files

d2ee9a1b9b4f2611d0c3c22575bcc6ba_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cbe4e98d1a8a97f8b718d29a2fd9a8aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Such\Fun\best\Both\Thousand\even\wintermatch.pdb

Imports

kernel32

HeapReAlloc
LoadLibraryW
WriteConsoleW
SetStdHandle
CreateFileW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
CloseHandle
SetFilePointer
CompareStringW
GetTempPathA
GetCurrentProcessId
TlsAlloc
GetCurrentDirectoryA
GetModuleHandleA
FindNextFileA
GetModuleFileNameA
WaitForMultipleObjects
LoadLibraryA
GetTempFileNameA
GetProcAddress
FindFirstFileA
GetShortPathNameA
MultiByteToWideChar
GetEnvironmentVariableA
GetFileAttributesA
Sleep
TlsSetValue
GetWindowsDirectoryA
WaitForSingleObject
ExitProcess
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
EncodePointer
DecodePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
TlsGetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetLocaleInfoW
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetEnvironmentVariableA

user32

CallNextHookEx
EnumWindows
GetWindowLongA
CreateWindowExA
ReleaseDC
DefWindowProcA
GetClassInfoExA

gdi32

RestoreDC
ExtTextOutA
StartDocA
Rectangle
CreateFontIndirectA
StartPage

comctl32

ImageList_Remove
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_Destroy

shlwapi

StrRetToBufA
StrCmpNA
StrStrA
UrlIsA
PathCreateFromUrlA

advapi32

RegCloseKey
RegEnumKeyA
RegOpenKeyA
FreeSid
OpenSCManagerA
AllocateAndInitializeSid
QueryServiceStatus
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
InitializeSecurityDescriptor
RegDeleteKeyA
RegQueryValueExA
RegisterServiceCtrlHandlerA
RegSetValueExA
GetTokenInformation
SetEntriesInAclA
OpenThreadToken
DeleteService
StartServiceCtrlDispatcherA
OpenProcessToken
OpenServiceA

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbe4e98d1a8a97f8b718d29a2fd9a8aa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comctl32

shlwapi

advapi32

Sections

.text Size: 153KB - Virtual size: 153KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 6KB - Virtual size: 76KB

.rsrc Size: 134KB - Virtual size: 133KB

.text
Size: 153KB - Virtual size: 153KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 6KB - Virtual size: 76KB

.rsrc
Size: 134KB - Virtual size: 133KB