ffc4a2213dec64cb8d73520fad45b177_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ffc4a2213dec64cb8d73520fad45b177_JaffaCakes118
Size

1.2MB
MD5

ffc4a2213dec64cb8d73520fad45b177
SHA1

4f0af8b785ffd82e34838120f9c517f4150843a9
SHA256

1652a93de4f5ffb35d798751cf54461129655cf65925349492864bdc75a5036b
SHA512

8b55780442d922cf594e6a5170c5d7bebf442eda53e66f6b628cec9da73d2d118401c99cd4b8492d61c1d8cfeea0023ff02422676071472f9d721e738c6f2553
SSDEEP

24576:N9OLz89m9kYqzwEJdqhoi9YRYF8LMDeKDIRO:vaeMkWsQWQ9DIRO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffc4a2213dec64cb8d73520fad45b177_JaffaCakes118

Files

ffc4a2213dec64cb8d73520fad45b177_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7175d698d1194fdc61970e499f45a856

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
ExitProcess
GetCurrentThreadId
IsSystemResumeAutomatic
GetLastError
SetHandleCount
WriteFile
SetFilePointer
SetFileShortNameW
GetCurrentProcess
GetCommModemStatus
GetSystemTime
FormatMessageW
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
GetVersionExW
OpenJobObjectW
WideCharToMultiByte
VirtualAlloc
GetVersion
CloseHandle
GetProcAddress
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapFree
LeaveCriticalSection
EnterCriticalSection
TlsFree
CreateFileW
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue

advapi32

RegEnumKeyExW
RegCloseKey
RegOpenKeyExW

user32

InsertMenuW
GetKeyboardLayoutList
DrawFrameControl
DdeCmpStringHandles
LoadImageW
LoadIconW
FindWindowExW
IntersectRect
DrawFocusRect
GetWindowTextLengthW
SetWindowTextW
ShowScrollBar
RedrawWindow
ShowWindow
GetDCEx
ReleaseDC
GetMenuItemID
CreatePopupMenu
GetMenu
IsWindowUnicode
GetQueueStatus
GetOpenClipboardWindow
EndDialog
DialogBoxParamW
CreateDialogParamW
BeginDeferWindowPos
GetWindowPlacement
ShowOwnedPopups

userenv

LeaveCriticalPolicySection
RegisterGPNotification
UnregisterGPNotification

mpr

WNetGetLastErrorW
WNetGetUniversalNameW
WNetEnumResourceW

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7175d698d1194fdc61970e499f45a856

Headers

File Characteristics

Imports

kernel32

advapi32

user32

userenv

mpr

Sections

.text Size: 91KB - Virtual size: 91KB

.data Size: 1.0MB - Virtual size: 8.1MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 9KB - Virtual size: 8KB

.text
Size: 91KB - Virtual size: 91KB

.data
Size: 1.0MB - Virtual size: 8.1MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 9KB - Virtual size: 8KB