db82ec2b416a20edd87be50a597c1452_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db82ec2b416a20edd87be50a597c1452_JaffaCakes118
Size

1.6MB
MD5

db82ec2b416a20edd87be50a597c1452
SHA1

9b5bce418d5786c09cf7b0fe7d855877d1032ba5
SHA256

2c8e50fb235f58d8d1c02d3a5e1863c95e0d86fb9f2a2b96aa77ec7244a8287f
SHA512

bfd6d0d22c655c6356bc1b00edeaeecfd5d7659201d2008eff60b7e19a83b9cadb7096044b4c941a4976ac15659eddeaf154a0aebe441192f3cb9d800e996a5f
SSDEEP

24576:kT1/R6N9SRHX/B3TwZUR8XMLLY1rynYYHJde42+u/U:kTj6mRP1qhXqMzYa1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db82ec2b416a20edd87be50a597c1452_JaffaCakes118

Files

db82ec2b416a20edd87be50a597c1452_JaffaCakes118
.exe windows:5 windows x86 arch:x86

27f8c96728f83daf4416278205d29479

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigTransportCreate
MprConfigTransportGetHandle
MprConfigInterfaceCreate
MprConfigInterfaceGetHandle
MprConfigInterfaceTransportRemove
MprConfigInterfaceTransportEnum
MprConfigServerDisconnect

user32

SetRect
InvertRect
FrameRect
FillRect
GetWindowRect
GetWindowTextW
GetScrollRange
SetScrollRange
GetScrollPos
LockWindowUpdate
GetDCEx
GetDC
UnionRect
GetSubMenu
GetMenuState
CharPrevW
GetDlgItemTextW
DialogBoxParamW
DeferWindowPos
GetWindowPlacement
MoveWindow
ShowWindow
CallWindowProcW
DefWindowProcW
ExitWindowsEx
LoadCursorFromFileW
LoadIconW
WinHelpW
EnumDisplayMonitors
IsWinEventHookInstalled
GetRawInputBuffer
DdePostAdvise
TrackPopupMenu

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW

kernel32

FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
GetConsoleCP
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsProcessorFeaturePresent
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
RaiseException
GetVersion
VirtualAlloc
HeapDestroy
IsDebuggerPresent
LeaveCriticalSection
ResetEvent
WriteFile
SetEndOfFile
SetMailslotInfo
GetModuleHandleExW
GetCommandLineW
FindResourceW
GetDiskFreeSpaceW
CreateFileW
FindFirstFileW
GetSystemPowerStatus
GetStringTypeW
CloseHandle
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 930KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ta877
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.chry
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e19o
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27f8c96728f83daf4416278205d29479

Headers

File Characteristics

Imports

mprapi

user32

advapi32

kernel32

Sections

.text Size: 96KB - Virtual size: 95KB

.data Size: 930KB - Virtual size: 7.8MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.ta877 Size: 210KB - Virtual size: 209KB

.chry Size: 202KB - Virtual size: 202KB

.e19o Size: 179KB - Virtual size: 179KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 95KB

.data
Size: 930KB - Virtual size: 7.8MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.ta877
Size: 210KB - Virtual size: 209KB

.chry
Size: 202KB - Virtual size: 202KB

.e19o
Size: 179KB - Virtual size: 179KB

.rsrc
Size: 5KB - Virtual size: 4KB