119198b81f232708e9d622ebdad80316_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

119198b81f232708e9d622ebdad80316_JaffaCakes118
Size

464KB
MD5

119198b81f232708e9d622ebdad80316
SHA1

0a233755cf0c88f46f7a84790daafe08ea77dc9f
SHA256

635faa1c6500b28a3bbe3adc82b2ed1aa9584bfe85a9368320e9a78f3a5a1456
SHA512

8a37d58def0fc39e5c5543b33440c7fb35aa869bf673f0d8dea3cb178be7dc98d88b9633b68d6e761b0ecd58fe8ff477f33d07724f1356eeb5dbf0015a9fc9e2
SSDEEP

12288:UfZUMgbe5Q+Qh/olqFTNJwMiuwqv1ye1kipH:uke6tHFTNJKuwqZ1kA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
119198b81f232708e9d622ebdad80316_JaffaCakes118

Files

119198b81f232708e9d622ebdad80316_JaffaCakes118
.exe windows:4 windows x86 arch:x86

435c1f049a0d22143a2d943d8ea2906d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
DelayLoadFailureHook
GetOverlappedResult
GetFileSize
WriteFile
RaiseException
GetFileAttributesExW
GetSystemInfo
CreateFileW
GetFileAttributesW
FindFirstFileW
VirtualFree
lstrcpynW
WaitNamedPipeW
GetTickCount
GetPriorityClass
GetSystemTimeAsFileTime
InterlockedDecrement
Sleep
SetFilePointer
LoadResource
GetSystemDirectoryW
lstrlenW
SetThreadPriority
CreateEventW
ReadFile
GetLocalTime
OutputDebugStringW
InterlockedExchangeAdd
CancelIo
GetSystemTime
IsBadWritePtr
lstrcpyW
GetSystemWindowsDirectoryW
InitializeCriticalSection
OpenFile
SearchPathW
OpenMutexW
GetModuleFileNameW
GetVolumeInformationW
MoveFileW
EnumUILanguagesW
GetDriveTypeW
GetProfileIntA
OpenEventW
_lclose
GetComputerNameExW
LocalReAlloc
ReleaseMutex
LoadLibraryW
GetFileTime
WaitForSingleObject
SetLastError
CreateFileA
GetLastError
CreateMutexA
GetDiskFreeSpaceExW
SetErrorMode
FindResourceA
FreeLibrary
HeapFree
MapViewOfFile
GetLongPathNameW
GetVersionExA
GetProcessHeap
CreateProcessInternalW
AreFileApisANSI
GetModuleHandleW
CreateEventA
DuplicateHandle
ResumeThread
FindClose
GetProcAddress
CreateThread
FindFirstFileExW
GetWindowsDirectoryW
UnmapViewOfFile
lstrcpyA
GetCurrentProcessId
InterlockedCompareExchange
ExitThread
UnhandledExceptionFilter
lstrcmpW
GetLogicalDriveStringsW
GetComputerNameW
EnterCriticalSection
GetCurrentThread
CompareFileTime
QueryPerformanceCounter
LeaveCriticalSection
FindNextFileW
CloseHandle
lstrlenA
GetPrivateProfileIntW
HeapAlloc
SizeofResource
WritePrivateProfileStringW
LocalAlloc
DeleteCriticalSection
GetPrivateProfileStringW
CreateFileMappingA
GlobalMemoryStatus
GetModuleHandleExW
DeleteFileW
ReadProcessMemory
CreateMutexW
FormatMessageW
GetCurrentProcess
InterlockedIncrement
ResetEvent
CreateProcessInternalA
SetNamedPipeHandleState
SleepEx
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetCommandLineW
ExpandEnvironmentStringsW
lstrcmpiW
OpenProcess
InterlockedExchange
VirtualAlloc
TerminateProcess
GetDiskFreeSpaceW
GetCurrentThreadId
GetModuleHandleA
WaitForMultipleObjectsEx
GetFullPathNameA
SetEvent
FindResourceExW
MultiByteToWideChar
GetFileSizeEx
lstrcatW
LoadLibraryA
GetProfileStringA
CopyFileW
GetUserDefaultUILanguage
LocalFree
ExpandEnvironmentStringsA
CreateFileMappingW
LoadLibraryExW
DeviceIoControl
WideCharToMultiByte
GetFullPathNameW

ddraw

DirectDrawCreate

ntdll

RtlAdjustPrivilege
NtWaitForSingleObject

rpcrt4

UuidFromStringW
NDRCContextBinding
RpcStringBindingParseW
RpcRevertToSelf
RpcBindingSetAuthInfoW
RpcBindingToStringBindingW
UuidToStringW
RpcBindingSetAuthInfoExA
I_RpcBindingIsClientLocal
UuidCreate
I_RpcExceptionFilter
RpcBindingFree
RpcBindingSetAuthInfoA
RpcStringBindingComposeW
RpcRaiseException
NdrClientCall2
RpcBindingFromStringBindingW
RpcBindingSetAuthInfoExW
RpcStringFreeW
RpcEpResolveBinding
RpcImpersonateClient
RpcSsDestroyClientContext
I_RpcMapWin32Status

Sections

.text
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 380KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

435c1f049a0d22143a2d943d8ea2906d

Headers

File Characteristics

Imports

kernel32

ddraw

ntdll

rpcrt4

Sections

.text Size: 4KB - Virtual size: 880B

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 48KB - Virtual size: 46KB

.data Size: 380KB - Virtual size: 2.4MB

.rdata Size: 20KB - Virtual size: 17KB

.text
Size: 4KB - Virtual size: 880B

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 48KB - Virtual size: 46KB

.data
Size: 380KB - Virtual size: 2.4MB

.rdata
Size: 20KB - Virtual size: 17KB