ef9cd0864fc9c5705a89e062fe018454_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef9cd0864fc9c5705a89e062fe018454_JaffaCakes118
Size

2.4MB
MD5

ef9cd0864fc9c5705a89e062fe018454
SHA1

8a2921165ad9b52f6b6dcc459dbb2666043649cd
SHA256

9b36aaf6b683bab3b1e4bc03aedfea92d6b4063d3b415af163a189acf15ef9b9
SHA512

00f1f82436b0b3b5c4905b5fcad8588e2ac538201d39be03d32b5d30f8fc1f8067b07573eaf4b26956dd7f05479f9aa6635784d6fe5fd096ea84088bcb88df2c
SSDEEP

24576:vypihKwjQgqEGgGAXuwAYO7v4m18VD+BcgGbiLsmT9:v/6LE2Ai1dBLhsq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef9cd0864fc9c5705a89e062fe018454_JaffaCakes118

Files

ef9cd0864fc9c5705a89e062fe018454_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5719bf0bc19589d6e1e86b70dcb73004

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MsgWaitForMultipleObjects
ExitWindowsEx
DefRawInputProc
GetScrollInfo
LoadIconW
LoadCursorW
GetClassNameW
EnableScrollBar
BeginPaint
GetMenuItemCount
CreatePopupMenu
DrawEdge
GetLastInputInfo
GetNextDlgTabItem
IsDlgButtonChecked
DeferWindowPos
FlashWindow
DestroyWindow
GetClassInfoW
UnregisterClassW
ReplyMessage

advapi32

RegQueryValueExW
OpenSCManagerW
RegOpenKeyExW

winspool.drv

AddPrinterConnectionW

crypt32

CryptQueryObject
CryptHashPublicKeyInfo
CryptExportPKCS8
CryptHashCertificate
CertFreeCTLContext
CertAddCertificateContextToStore
CertAddEncodedCertificateToStore
CryptProtectData
CertSetCertificateContextProperty
CertEnumCertificatesInStore
CryptMsgGetParam
CryptMsgOpenToDecode
CryptFindOIDInfo
CryptEncodeObjectEx
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertGetCertificateContextProperty

kernel32

RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW
EnterCriticalSection
LeaveCriticalSection
IsProcessorFeaturePresent
GlobalAlloc
GlobalFree
VirtualAlloc
HeapSize
InitializeCriticalSection
SizeofResource
SetHandleCount
GetFileType
ReadFile
SetEndOfFile
GetTimeZoneInformation
FileTimeToSystemTime
LoadLibraryExW
ExpandEnvironmentStringsW
OutputDebugStringW
GetTempPathW
FindNextFileW
CompareStringW
EnumSystemGeoID
GetUserDefaultLCID
GetStringTypeW
GetCommandLineW
RaiseException
GetCPInfo
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP

mpr

WNetGetUniversalNameW
WNetGetResourceInformationW

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 434KB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t3dmev
Size: 562KB - Virtual size: 562KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s3oeh
Size: 474KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.n7065o
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e036
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5719bf0bc19589d6e1e86b70dcb73004

Headers

File Characteristics

Imports

user32

advapi32

winspool.drv

crypt32

kernel32

mpr

Sections

.text Size: 78KB - Virtual size: 78KB

.data Size: 434KB - Virtual size: 6.8MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.t3dmev Size: 562KB - Virtual size: 562KB

.s3oeh Size: 474KB - Virtual size: 473KB

.n7065o Size: 314KB - Virtual size: 313KB

.e036 Size: 203KB - Virtual size: 202KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 78KB - Virtual size: 78KB

.data
Size: 434KB - Virtual size: 6.8MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.t3dmev
Size: 562KB - Virtual size: 562KB

.s3oeh
Size: 474KB - Virtual size: 473KB

.n7065o
Size: 314KB - Virtual size: 313KB

.e036
Size: 203KB - Virtual size: 202KB

.rsrc
Size: 362KB - Virtual size: 362KB