d9e6ee977d3aa91456c864d9f31d3554_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d9e6ee977d3aa91456c864d9f31d3554_JaffaCakes118
Size

264KB
MD5

d9e6ee977d3aa91456c864d9f31d3554
SHA1

75a148b09db75918a217275dc18c46614a2f9ffc
SHA256

00fc5687363010e45bfba8c5725d7b93143e6b52b7b1ec6639782490aa7ded7f
SHA512

4f12f896ca1992772bfb9b02e03e8715762129035f6aa3c459deb4899e693acf7625de44412bac3e28ec688278cc1695a0261513438628d9f02c793e6efa2eb2
SSDEEP

3072:LGFaajQ1EanZK7hhsRy5lNC61wmQj4gZenzb92SO81bwt4nBDePy2pX6oOI5agCM:LNnE06hy0Pd4pInzbkaoPH4oOFNxsY27

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9e6ee977d3aa91456c864d9f31d3554_JaffaCakes118

Files

d9e6ee977d3aa91456c864d9f31d3554_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2478409f44329f6733d17d481863a0da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
GetTickCount
GetCurrentProcess
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
HeapCreate
ExitProcess
GetModuleFileNameA
GetEnvironmentStringsW
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
GetLocalTime
GetProcAddress

user32

GetSystemMetrics
CharNextA
CharUpperW
LoadMenuA
GetClassInfoA
MoveWindow
wvsprintfW
GetKeyboardType
mouse_event
GetDCEx
SetFocus
DestroyIcon
InsertMenuItemW
GetForegroundWindow
CreateAcceleratorTableW
PostMessageA
SetWindowTextW
MessageBeep
IsIconic
MessageBoxIndirectW
SetCursor

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW

resutils

ResUtilSetPropertyTable
ResUtilSetResourceServiceStartParameters
ResUtilSetUnknownProperties
ResUtilStopResourceService
ResUtilGetResourceNameDependency
ResUtilVerifyResourceService
ResUtilFreeParameterBlock
ResUtilGetProperties
ResUtilGetResourceDependencyByClass
ResUtilVerifyPropertyTable
ResUtilGetAllProperties

gdi32

CreateFontIndirectExA
CreateBitmapIndirect
SetWinMetaFileBits
TranslateCharsetInfo
RemoveFontResourceExA
CreateFontW
ExtCreateRegion
CreateSolidBrush
CreateBrushIndirect
AddFontResourceW
RemoveFontResourceW
StretchDIBits
CreateFontIndirectW
CreateColorSpaceW
GetStockObject

dssec

DllCanUnloadNow
DSEditSecurity
DSCreateISecurityInfoObjectEx
DllGetClassObject

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.HwP
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SIyg
Size: 4KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 92KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.R
Size: 4KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RfGKA
Size: 1KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 122KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GnPKMF
Size: 3KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2478409f44329f6733d17d481863a0da

Headers

File Characteristics

Imports

kernel32

user32

advapi32

resutils

gdi32

dssec

Sections

.text Size: 15KB - Virtual size: 14KB

.HwP Size: 4KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 24KB

.SIyg Size: 4KB - Virtual size: 329KB

.edata Size: 92KB - Virtual size: 141KB

.data Size: 8KB - Virtual size: 348KB

.R Size: 4KB - Virtual size: 152KB

.RfGKA Size: 1KB - Virtual size: 175KB

.edata Size: 122KB - Virtual size: 138KB

.GnPKMF Size: 3KB - Virtual size: 89KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 14KB

.HwP
Size: 4KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 24KB

.SIyg
Size: 4KB - Virtual size: 329KB

.edata
Size: 92KB - Virtual size: 141KB

.data
Size: 8KB - Virtual size: 348KB

.R
Size: 4KB - Virtual size: 152KB

.RfGKA
Size: 1KB - Virtual size: 175KB

.edata
Size: 122KB - Virtual size: 138KB

.GnPKMF
Size: 3KB - Virtual size: 89KB

.rsrc
Size: 4KB - Virtual size: 3KB