eb7abdbb3c83b6260040c814f354fea9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb7abdbb3c83b6260040c814f354fea9_JaffaCakes118
Size

1.7MB
MD5

eb7abdbb3c83b6260040c814f354fea9
SHA1

8d79bb91f2a5259ed743f4f91614118ca3ce4f92
SHA256

ade1bd5bc5766bdf09b5745b271610839a1ee602ff1584f5d5073e5003644c6b
SHA512

31f55a0ab641d7a0dcf5c4975dd3dc6c1b08b902ae826833b17d4c865d6aeb776ce691abca8a07f9a47f574e927357da98e11377bde0cdff974ab49ab84505e7
SSDEEP

24576:9itJNlATKtVmOGMyABN04d5MAfEuDGvmgUn7pjeavmEwkBC:9itH2ICC1DcmPn7pRvmEweC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb7abdbb3c83b6260040c814f354fea9_JaffaCakes118

Files

eb7abdbb3c83b6260040c814f354fea9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9c3b64158363af728502134ea75d83f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetFileSize
ReadFile
FindClose
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
CompareFileTime
FlushViewOfFile
lstrcmpiW
TlsAlloc
GetModuleHandleW
GetStartupInfoW
FindResourceExW
CreateFileW
DeleteFileW
CreateNamedPipeW
GetVersionExW
CreateJobObjectW
IsValidCodePage
GetACP
GetUserDefaultLCID
GetConsoleWindow
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapFree
LCMapStringW
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
IsDebuggerPresent
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
HeapDestroy
VirtualAlloc
LocalFree
LocalAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
DeleteCriticalSection
CloseHandle
GetFileType
GetStdHandle
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
ExitProcess
DecodePointer
GetCurrentThreadId
SetLastError
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError

user32

GetWindowTextLengthW
DrawCaption
RegisterClassW
SetWindowPos
DeferWindowPos
MapDialogRect
IsIconic
LoadImageW
DestroyIcon
CreateIcon
LoadCursorW
GetTopWindow
GetParent
SetWindowLongW
GetWindowLongW
InflateRect
CopyRect
GetCursorPos
IsDialogMessageW
ShowScrollBar
EnableMenuItem
DestroyMenu
DrawMenuBar
SetMenu
IsWindowEnabled
EnableWindow
MsgWaitForMultipleObjectsEx
CharUpperW
EndDialog
DialogBoxParamW
CreateDialogParamW

ole32

CoGetMalloc
StringFromCLSID
CLSIDFromProgID
CoTaskMemAlloc
CreateStreamOnHGlobal

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW

setupapi

CM_Get_Parent_Ex
CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiGetClassDevsExW
SetupDiGetClassDevsW
SetupDiGetSelectedDriverW
SetupDiOpenDeviceInterfaceW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoList
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupGetStringFieldW
SetupGetFieldCount
SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetDeviceInstanceIdW

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 590KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ir6uh
Size: 508KB - Virtual size: 507KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wsrt
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r4oolt
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o4r6
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c3b64158363af728502134ea75d83f3

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

setupapi

Sections

.text Size: 102KB - Virtual size: 101KB

.data Size: 590KB - Virtual size: 7.7MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.ir6uh Size: 508KB - Virtual size: 507KB

.wsrt Size: 152KB - Virtual size: 152KB

.r4oolt Size: 37KB - Virtual size: 37KB

.o4r6 Size: 249KB - Virtual size: 249KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 102KB - Virtual size: 101KB

.data
Size: 590KB - Virtual size: 7.7MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.ir6uh
Size: 508KB - Virtual size: 507KB

.wsrt
Size: 152KB - Virtual size: 152KB

.r4oolt
Size: 37KB - Virtual size: 37KB

.o4r6
Size: 249KB - Virtual size: 249KB

.rsrc
Size: 100KB - Virtual size: 100KB