de3866eefa8703c26e61890caf8d6a3e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

de3866eefa8703c26e61890caf8d6a3e_JaffaCakes118
Size

297KB
MD5

de3866eefa8703c26e61890caf8d6a3e
SHA1

92bdef840b2910b20c6cccf6a20b832d1ab876b7
SHA256

807c023bca2546b664c75a6b93054add4fb5b8a321cfb173cdb32f2a94fadf21
SHA512

50f98d0cecdfee7c097fd81a351b2a59d4e4961c99a008ddde64cbc663367c95af71c8caca3e031ced665f71c4299269bf9a3458ccb22e3f145a6189fa89ec7c
SSDEEP

6144:JTuYP5Hghu5xDemuPJ0DmL8c6HEVIvz7OSoRjZUacH/8dckgT9Kv:JTuUWhOTK0DmqkeWSohnUUdczk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de3866eefa8703c26e61890caf8d6a3e_JaffaCakes118

Files

de3866eefa8703c26e61890caf8d6a3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd31040c1bbad5868832418b4c890eaf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQueryEx
GetWindowsDirectoryW
HeapFree
CompareStringA
WritePrivateProfileStructW
GetThreadContext
LCMapStringW
WriteFile
FindClose
GetSystemInfo
ReadFile
SetStdHandle
RaiseException
OpenSemaphoreA
GetConsoleOutputCP
CreateFileA
IsValidCodePage
WideCharToMultiByte
SetFilePointer
FatalAppExitA
CreateFileMappingA
WaitForSingleObject
CreateFileW
ResumeThread
GetStdHandle
CreateProcessW
LCMapStringA
HeapAlloc
VirtualFree
TlsGetValue
SetUnhandledExceptionFilter
RtlUnwind
ReleaseSemaphore
VirtualProtectEx
TlsAlloc
OpenMutexA
WriteProcessMemory
GetPrivateProfileStringW
FreeLibrary
MapViewOfFileEx
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
EnumSystemLocalesA
DeviceIoControl
VirtualAlloc
CreateRemoteThread
GetDateFormatA
SetConsoleCtrlHandler
CreateMutexA
FlushFileBuffers
ReleaseMutex
CreateSemaphoreA
GetTempPathW
WriteConsoleW
HeapDestroy
GetPrivateProfileStructW
UnhandledExceptionFilter
GetFullPathNameW
GetConsoleCP
GetFileType
IsDebuggerPresent
ReadProcessMemory
GetTimeZoneInformation
GetSystemDefaultLangID
LeaveCriticalSection
RemoveDirectoryW
GetModuleHandleA
SetThreadAffinityMask
GetACP
FindFirstFileW
HeapReAlloc
SetProcessWorkingSetSize
TlsSetValue
SetLastError
TlsFree
SetHandleCount
FindNextFileW
CopyFileW
WriteConsoleA
MoveFileW
HeapSize
CloseHandle
TerminateThread
ExpandEnvironmentStringsW
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
EnterCriticalSection
IsValidLocale
GetTimeFormatA
UnmapViewOfFile
InitializeCriticalSectionAndSpinCount
CompareStringW
WritePrivateProfileStringW
OpenFileMappingA
GetShortPathNameW
QueryDosDeviceW
DeleteCriticalSection
GetModuleHandleW
GetDriveTypeW
GetOEMCP
OpenProcess
GetUserDefaultLCID
GetLogicalDrives
GetCommandLineA
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetConsoleMode
GetLocalTime

advapi32

AllocateAndInitializeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
LookupPrivilegeValueW
CreateServiceW
RegLoadKeyW
RegDeleteKeyW
RegQueryInfoKeyW
InitializeAcl
FreeSid
QueryServiceConfigW
RegQueryValueExW
RegSetValueExW
CloseServiceHandle
DeleteService
GetLengthSid
InitializeSecurityDescriptor
StartServiceW
RegDeleteValueW
EnumServicesStatusW
OpenProcessToken
RegCreateKeyExW
RegEnumValueW
OpenSCManagerW
AdjustTokenPrivileges
SetSecurityDescriptorOwner
RegUnLoadKeyW
RegCloseKey
RegEnumKeyExW
RegSetKeySecurity
OpenServiceW
QueryServiceStatus
RegOpenKeyExW
ControlService

ole32

OleInitialize
OleUninitialize

user32

PostMessageW
SendMessageTimeoutW
EnumChildWindows
GetWindowThreadProcessId
EnumWindows
IsWindowVisible
GetClassNameW
GetWindowTextW
GetDC
CreatePopupMenu
OffsetRect
MessageBeep
CopyIcon
UpdateLayeredWindow
PostQuitMessage
GetClassInfoExA
GetDlgItemTextA
CharNextA
WinHelpA
DestroyCursor
SetDlgItemInt
SetMenu
InvalidateRect
GetSysColorBrush
PostMessageA
LoadCursorA

gdi32

GetLayout

faultrep

AddERExcludedApplicationW
ReportHang

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd31040c1bbad5868832418b4c890eaf

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

user32

gdi32

faultrep

Sections

.text Size: 25KB - Virtual size: 25KB

.data Size: 252KB - Virtual size: 1.0MB

.rdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 13KB - Virtual size: 25KB

.text
Size: 25KB - Virtual size: 25KB

.data
Size: 252KB - Virtual size: 1.0MB

.rdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 13KB - Virtual size: 25KB