da9509ca4c28a6af6fbaedd76e7e6061_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da9509ca4c28a6af6fbaedd76e7e6061_JaffaCakes118
Size

3.4MB
MD5

da9509ca4c28a6af6fbaedd76e7e6061
SHA1

7f4360fd6fe4778dc55045864ce13593119b6176
SHA256

12ac921b4539afe80b8c9f1e56c0475a5b1c6be32a339668ab544156c97521f8
SHA512

aa2ec5674d204341a223bbc634e7a57c402177a51a3e7675c013dce3b4b9924e3d7d2f92b70edcea18fdb701e3c6ef193c5afa3e9c2099ef4d729305617c935d
SSDEEP

24576:UDGknWr0U8Lj4fGRUx7/GdpEcdIMuE3K9SCmlisk/hxuvsDr+qGYlz7KO:UD5nkCP4pNGdpEk3yJrsacvsDr+qGYlf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da9509ca4c28a6af6fbaedd76e7e6061_JaffaCakes118

Files

da9509ca4c28a6af6fbaedd76e7e6061_JaffaCakes118
.exe windows:5 windows x86 arch:x86

543afca65987c323da4265d4130a0b6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegCreateKeyExW

shlwapi

AssocCreate
StrCmpNW
StrFormatByteSizeW
StrStrW
StrRetToBufW
PathGetDriveNumberW
PathIsRelativeW
PathRemoveBackslashW
PathRemoveBlanksW
PathRemoveFileSpecW
PathCreateFromUrlW
SHSetValueW

user32

GetMenuItemInfoW
TrackPopupMenuEx
GetMenuItemCount
GetMenuState
SetTimer
SetCapture
DragDetect
GetFocus
SendDlgItemMessageW
EndDialog
DialogBoxParamW
CreateWindowExW
DefWindowProcW
PeekMessageW
DrawIcon
SetActiveWindow
ShowScrollBar
GetMenuContextHelpId
MessageBoxW
GetSysColor
EqualRect
DestroyIcon
DrawIconEx
GetMonitorInfoW
GetKeyboardType

winspool.drv

EnumFormsW

secur32

FreeContextBuffer

kernel32

CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
TlsFree
TlsSetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
GetVersion
GlobalAlloc
VirtualAlloc
ExitProcess
FreeEnvironmentStringsW
DeleteCriticalSection
MapViewOfFile
TlsGetValue
FindResourceExW
GetFullPathNameW
IsBadStringPtrW
GetVersionExW
GetCPInfo
CompareStringW
EnumUILanguagesW
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateFileW

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 827KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.m3roh2
Size: 590KB - Virtual size: 589KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.olea
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.p1la
Size: 870KB - Virtual size: 870KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lrigif
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

543afca65987c323da4265d4130a0b6a

Headers

File Characteristics

Imports

advapi32

shlwapi

user32

winspool.drv

secur32

kernel32

Sections

.text Size: 68KB - Virtual size: 68KB

.data Size: 827KB - Virtual size: 7.8MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.m3roh2 Size: 590KB - Virtual size: 589KB

.olea Size: 441KB - Virtual size: 440KB

.p1la Size: 870KB - Virtual size: 870KB

.lrigif Size: 287KB - Virtual size: 287KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 68KB - Virtual size: 68KB

.data
Size: 827KB - Virtual size: 7.8MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.m3roh2
Size: 590KB - Virtual size: 589KB

.olea
Size: 441KB - Virtual size: 440KB

.p1la
Size: 870KB - Virtual size: 870KB

.lrigif
Size: 287KB - Virtual size: 287KB

.rsrc
Size: 363KB - Virtual size: 362KB