e8ea8453fd22b1fc996304496a34e8c1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e8ea8453fd22b1fc996304496a34e8c1_JaffaCakes118
Size

92KB
MD5

e8ea8453fd22b1fc996304496a34e8c1
SHA1

99fb254110e7a2d9914a244e49659768b1fc8630
SHA256

188210ee0e7468d665715bc45ee58a0e3c7f61353673f0d00b974c007a871ef1
SHA512

d80073bbaa81ef271f1d936d812698df6f8457a48191471bb87d4e676ea6cb18c961d9a85744cbaabf3d3307daa7525ea9cc718cbb92b0e0d813fa5612c36073
SSDEEP

1536:XqiL6py0r7K27Mu5j2T6yR8QhmEKVDJ0puKI1daVmhJUwt:lwvr7Kuj2R89/Jj/xDUW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8ea8453fd22b1fc996304496a34e8c1_JaffaCakes118

Files

e8ea8453fd22b1fc996304496a34e8c1_JaffaCakes118
.exe windows:2 windows x86 arch:x86

1d8ebddcfaec0dfdba91ed04158ec145

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

sprintf
_initterm
__set_app_type
__getmainargs
__setusermatherr
setlocale
_XcptFilter
exit
_controlfp
printf
__initenv
wprintf
_exit
_cexit
_c_exit

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW

kernel32

SetMessageWaitingIndicator
Process32First
GetCurrentProcess
lstrcmp
EnumSystemCodePagesA
GetSystemTime
FormatMessageW
CreateWaitableTimerW
DebugBreakProcess
CopyFileExW
IsBadStringPtrW
SetFileShortNameW
FreeLibraryAndExitThread
HeapSetInformation
GetVolumePathNameW
GetConsoleOutputCP
VirtualAlloc
DeleteVolumeMountPointA
GetCompressedFileSizeA
CreateMemoryResourceNotification
GetModuleHandleA
lstrcmpiA
QueueUserAPC
GetVersionExW
EnumSystemLocalesA
RemoveVectoredExceptionHandler
GetCurrentProcess
GlobalAlloc
GlobalHandle
DeviceIoControl
IsBadHugeReadPtr
FreeConsole
SetConsoleNumberOfCommandsA
GetProcessAffinityMask
SetThreadLocale
DeleteTimerQueueTimer
GetConsoleMode
GetUserDefaultLCID
WriteTapemark
AddAtomA
GetLongPathNameA
AddAtomW
GetDiskFreeSpaceExA
GetStringTypeExW
lstrcpy
GetThreadPriority
ReadConsoleOutputA
GetFileAttributesA
VirtualLock
EnumerateLocalComputerNamesW
GetStringTypeA
SetConsoleOutputCP
CompareStringA
GetOEMCP
BackupRead
CreateTimerQueue
LockFileEx
SetThreadLocale
GetTempPathW
DebugSetProcessKillOnExit
RegisterConsoleIME
SetThreadAffinityMask
SetVolumeMountPointW
ExpungeConsoleCommandHistoryW
SetConsoleNlsMode
GlobalSize
SetCommMask
GetCurrentThread
_hwrite
SetTimerQueueTimer

cfgmgr32

CM_Get_Global_State
CM_Add_ID_ExW
CM_Get_Device_IDA
CM_Get_Device_Interface_List_ExA
CM_Locate_DevNode_ExW
CM_Run_Detection_Ex
CM_Set_HW_Prof_Ex
CM_Get_Device_ID_List_ExA
CM_Get_Log_Conf_Priority_Ex
CM_Test_Range_Available
CM_Get_Resource_Conflict_Count
CM_Request_Eject_PC_Ex
CM_Create_DevNodeA
CM_Get_Depth_Ex
CM_Get_Class_Key_NameW
CM_Get_Hardware_Profile_InfoW
CM_Get_Depth
CM_Get_Device_Interface_List_SizeA
CM_Set_DevNode_Registry_PropertyW
CM_Delete_Class_Key
CMP_WaitServicesAvailable

Sections

.GoXz
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.N
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cGKI
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.chR
Size: 3KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d8ebddcfaec0dfdba91ed04158ec145

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

cfgmgr32

Sections

.GoXz Size: 1KB - Virtual size: 1KB

.N Size: 1KB - Virtual size: 1KB

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 3KB - Virtual size: 3KB

.cGKI Size: 3KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 63KB

.chR Size: 3KB - Virtual size: 36KB

.rsrc Size: 49KB - Virtual size: 48KB

.GoXz
Size: 1KB - Virtual size: 1KB

.N
Size: 1KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 3KB - Virtual size: 3KB

.cGKI
Size: 3KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 63KB

.chR
Size: 3KB - Virtual size: 36KB

.rsrc
Size: 49KB - Virtual size: 48KB