f8f5faf14448e5048287be499d8b7f3e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f8f5faf14448e5048287be499d8b7f3e_JaffaCakes118
Size

109KB
MD5

f8f5faf14448e5048287be499d8b7f3e
SHA1

2349f199c4cd948201552a30f48d45403354dfd3
SHA256

942b61d40803d09266c13e3c592f33e495cdab458ba662538bbea25501db52bf
SHA512

0dd3f784f54563525c25ea70e1024cdd5d229c5c56b0584a7742d6721e94e8352fbc48a8b7622638614f7ad5572eeb361a03c9bc9bdb598b55ea48a266a61697
SSDEEP

3072:Mf2sgVxzgtYMgkwnmJQcY5vA0RDq3F3gJyiNXsv:Mf2D8zK0fYlATF3g8GX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8f5faf14448e5048287be499d8b7f3e_JaffaCakes118

Files

f8f5faf14448e5048287be499d8b7f3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b742b4a12037dfcea79b0a837cd7ab3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerInstallFileA

advapi32

RegEnumValueA
RegDeleteValueA

user32

LoadStringA
SendMessageA
MessageBoxA
OpenClipboard
PeekMessageW
RegisterClipboardFormatA
PostQuitMessage
SetActiveWindow
PeekMessageA
RemovePropA
RedrawWindow
ReleaseCapture
MapWindowPoints
RemoveMenu
LoadIconA
RegisterWindowMessageA
PostMessageA
PtInRect
MapVirtualKeyA
OemToCharA
OffsetRect
SendMessageW
LoadCursorA
ScrollWindow
LoadBitmapA
ReleaseDC
LoadKeyboardLayoutA
ScreenToClient
MessageBeep
RegisterClassA

gdi32

SetBkColor
GetObjectA
SetBkMode
SetTextColor
SaveDC
SelectPalette
CreateDIBitmap
GetDCOrgEx
CreatePenIndirect
RestoreDC

kernel32

LoadLibraryExA
GlobalDeleteAtom
GetDiskFreeSpaceA
SetEndOfFile
GetCurrentThreadId
FindResourceA
GetFullPathNameA
LoadLibraryA
GetProcessHeap
GetModuleHandleA
WideCharToMultiByte
ResetEvent
GetModuleHandleW
LockResource
lstrcmpA
lstrlenA
GetVersionExA
ExitProcess
SetErrorMode
lstrcatA
GetLocaleInfoA
ReadFile
GetStringTypeW
GlobalFindAtomA
GetACP
Sleep
EnumCalendarInfoA
IsBadHugeReadPtr
FindClose
GetUserDefaultLCID
GetCommandLineA
GetModuleFileNameA
SetEvent
lstrlenW
GetFileType
GetFileSize
MulDiv
GetLastError
GetDateFormatA
lstrcpyA
HeapAlloc
RaiseException
GetProcAddress
GetCPInfo
CloseHandle
ExitThread
GetSystemDefaultLangID
LocalAlloc
SetThreadLocale
CreateEventA
SetFilePointer
SizeofResource
DeleteFileA
GetCurrentProcessId
lstrcmpiA
IsBadReadPtr
GetCommandLineW
HeapDestroy
GlobalAddAtomA
VirtualAllocEx
WriteFile

msvcrt

cos
clock

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 1024B - Virtual size: 883B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b742b4a12037dfcea79b0a837cd7ab3

Headers

File Characteristics

Imports

version

advapi32

user32

gdi32

kernel32

msvcrt

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 8KB - Virtual size: 8KB

.gdata Size: 1024B - Virtual size: 883B

DATA Size: 8KB - Virtual size: 8KB

.adata Size: 512B - Virtual size: 306B

.rsrc Size: 1024B - Virtual size: 864B

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 8KB - Virtual size: 8KB

.gdata
Size: 1024B - Virtual size: 883B

DATA
Size: 8KB - Virtual size: 8KB

.adata
Size: 512B - Virtual size: 306B

.rsrc
Size: 1024B - Virtual size: 864B