Static task: static1
Behavioral task: behavioral1
Sample: d62f1b9303ae24b7072cb451078d6db1_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d62f1b9303ae24b7072cb451078d6db1_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d62f1b9303ae24b7072cb451078d6db1_JaffaCakes118
Size: 317KB
MD5: d62f1b9303ae24b7072cb451078d6db1
SHA1: 509f35dc2ba5579a052e68ddd8b0119cad643ac6
SHA256: 19d98022433fbe4b4476fd50b442bc2d9f95339b91a99ed837de37634fddb61b
SHA512: 03fd75ff0123a5dece75d788dc08ab25ca07c70d641c2ed75ac6853411a3625d2317cae336ce833811b8ada134c32b19b524ee5ee2172e6b203f7537c7a59333
SSDEEP: 6144:jGaNcwT2QRhO8tFGS35s8Yp+fbNFBC715jSw4GaYAlLBfPkWpaE:SZmR7aSbs+T9C7njS3MyLBX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d62f1b9303ae24b7072cb451078d6db1_JaffaCakes118
Files
d62f1b9303ae24b7072cb451078d6db1_JaffaCakes118.exe windows:4 windows x86 arch:x86
f2667be3d3fdcafa05c1cf3e627df613
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
kernel32
GetCurrentProcessId
CreateProcessA
GetTempPathA
GetVersion
GetLongPathNameW
InitializeCriticalSectionAndSpinCount
HeapFree
WaitForSingleObject
GetVersionExW
GetFileAttributesW
DeleteFileW
IsDebuggerPresent
TlsAlloc
lstrlenW
InitializeCriticalSection
ExpandEnvironmentStringsW
GlobalFree
GetCurrentProcessId
LoadLibraryExW
IsValidCodePage
LoadLibraryA
TlsSetValue
VirtualProtect
SetEvent
DeleteCriticalSection
VirtualFree
GetModuleFileNameA
MultiByteToWideChar
GlobalAlloc
SetLastError
HeapReAlloc
FlushFileBuffers
LoadLibraryW
GetSystemInfo
GetModuleFileNameW
QueryPerformanceCounter
GetModuleHandleA
GetTempFileNameA
FreeLibrary
HeapAlloc
InterlockedExchange
GetCurrentThreadId
OpenMutexA
GlobalMemoryStatus
CloseHandle
ReleaseMutex
GetLastError
GetDiskFreeSpaceExW
GetFileType
GetStringTypeExW
lstrcmpiW
GetShortPathNameW
LeaveCriticalSection
TlsGetValue
ExitProcess
GetProcAddress
SetUnhandledExceptionFilter
IsValidLocale
FlushFileBuffers
LocalAlloc
GetProcessHeap
GetCurrentThread
GetShortPathNameA
CreateEventW
GetUserDefaultLCID
GetVersionExA
GetModuleHandleW
WriteFile
IsDBCSLeadByte
GetCurrentProcess
TlsFree
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateFileW
SetFileAttributesW
CreateMutexA
VirtualAlloc
CreateDirectoryW
GetProcessTimes
CreateSemaphoreA
CreateProcessW
EnterCriticalSection
UnhandledExceptionFilter
HeapValidate
GetTickCount
RaiseException
CompareStringW
IsProcessorFeaturePresent
HeapSize
GetSystemDirectoryW
WideCharToMultiByte
OutputDebugStringA
ReleaseSemaphore
GetSystemDefaultLCID
GetSystemWindowsDirectoryW
TerminateProcess
LocalFree
InterlockedCompareExchange
Sleep
user32
GetMonitorInfoA
EnumWindowStationsW
GetSysColor
EnumDisplayMonitors
GetMenuCheckMarkDimensions
GetDC
ReleaseDC
GetSystemMetrics
SystemParametersInfoA
GetKeyboardLayout
secur32
GetUserNameExW
gdi32
GetDeviceCaps
DeleteObject
CreateDCA
CreateSolidBrush
DeleteDC
advapi32
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExW
AddAccessDeniedAce
AllocateAndInitializeSid
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExA
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
InitializeAcl
CopySid
RegDeleteKeyW
GetLengthSid
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
GetTokenInformation
OpenThreadToken
ConvertSidToStringSidA
CheckTokenMembership
IsValidSid
RegEnumValueW
RegQueryValueExW
RegOpenKeyExA
GetSecurityDescriptorDacl
RegEnumKeyExW
Sections
.text Size: 206KB - Virtual size: 205KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.venue Size: 5KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ