7bd9a418b8f1d74f73989d1ac066103b_JaffaCakes118

Resubmissions

28/05/2024, 17:41

240528-v9m1msdf4z 10

28/05/2024, 05:24

240528-f31ktsha64 10

Sharing

Copy URL

Twitter E-mail

General

Target

7bd9a418b8f1d74f73989d1ac066103b_JaffaCakes118
Size

523KB
MD5

7bd9a418b8f1d74f73989d1ac066103b
SHA1

8e09d4316ddb43b7947a0f0d311d5afd0437b9aa
SHA256

5a397ee7d4e95e0a63676aa6ac1aad4538a9dfdffe4aa63a57fe29068e64f9f6
SHA512

5ab32ef8ca8f81608a564cfd3f844f37d6c2a6b20e7f82b8314ab9eabe87efd5c0ea194ad042e8ff8f21119c937889c07d15cb1b0eca22b4d91919fbf270a55f
SSDEEP

12288:AcxmZvdvBEglDpgRXRObpaMOYzG5vVUqNmFBWsElTp9fbGfRKfslGiRJO4yvk1:UZvdvBEglDmdRgS5vZssT/jGwtiRJOnC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bd9a418b8f1d74f73989d1ac066103b_JaffaCakes118

Files

7bd9a418b8f1d74f73989d1ac066103b_JaffaCakes118
.exe windows:6 windows x86 arch:x86

92b1e6e6c6d60b0b0dd69c0b8f4587db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\nata\eight\eight\release\eight.pdb

Imports

kernel32

MoveFileExA
QueryPerformanceCounter
QueryPerformanceFrequency
MultiByteToWideChar
GetConsoleScreenBufferInfo
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetFileSizeEx
FlushFileBuffers
HeapReAlloc
ReadConsoleW
ReadConsoleInputW
SetConsoleMode
GetConsoleMode
HeapFree
WriteConsoleW
FindFirstFileA
GetConsoleCP
FreeLibraryAndExitThread
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
RtlUnwind
RaiseException
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DeleteFileA
GetCompressedFileSizeW
GetFileAttributesA
CreateFileW
CreateFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetWindowsDirectoryA
GetTempPathW
GetTempPathA
GetEnvironmentVariableA
GetStartupInfoA
GetModuleFileNameW
LoadLibraryW
LoadLibraryA
CreateEventW
CompareFileTime
GetSystemInfo
GetSystemTimeAsFileTime
MulDiv
ExitThread
GetCommState
CloseHandle
ReadFile
WriteFile
GetStdHandle
GetFileInformationByHandle
WaitForSingleObject
FindNextFileA
GetOverlappedResult
SetLastError
GetLastError
GetCurrentProcess
GetProcessHeap
HeapAlloc
VirtualAlloc
LocalFree
LocalAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
GetCurrentThreadId
GetCurrentProcessId
ExitProcess
GetCPInfo
GetStringTypeW
LCMapStringW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
FindNextFileW
TlsAlloc
InitializeCriticalSectionAndSpinCount
DecodePointer
EncodePointer
DeleteCriticalSection
DeleteFileW
GetTickCount
FindClose
GetFileType
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
SetEndOfFile

user32

DestroyWindow
GetCursorInfo
GetScrollInfo
LoadBitmapA
GetWindowThreadProcessId
FindWindowA
GetDesktopWindow
GetWindowLongA
SetRect
FillRect
GetClientRect
SetPropA
SetScrollPos
ScrollWindowEx
GetMessageA
DrawIcon
TrackPopupMenu
AppendMenuW
SetFocus
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgCtrlID
GetDlgItem
SetForegroundWindow
SendMessageA
LoadImageA
LoadIconA
LoadCursorA
GetWindowRect
EndPaint
BeginPaint
ReleaseDC
GetDC
UpdateWindow
GetSystemMetrics
KillTimer
SetTimer
SetWindowPos
ShowWindow
CreateWindowExA
RegisterClassA
PostQuitMessage
DefWindowProcA
DispatchMessageA
TranslateMessage

gdi32

SetViewportOrgEx
DPtoLP
MoveToEx
CreateDIBSection
GetWorldTransform
GetWinMetaFileBits
SetDIBitsToDevice
Rectangle
LineTo
InvertRgn
GetDIBits
Ellipse
CreateSolidBrush
CreateFontA
AnimatePalette
GetObjectA
CreateHalftonePalette
GetDIBColorTable
SelectPalette
SelectObject
RealizePalette
GetStockObject
DeleteObject
DeleteDC
CreatePalette
CreateCompatibleDC
BitBlt
SelectClipRgn

comdlg32

FindTextA

advapi32

CryptAcquireContextA
GetTokenInformation
CreateProcessAsUserA
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
CryptGenRandom
CryptGenKey
CryptReleaseContext
OpenProcessToken

shell32

SHGetFolderPathA
SHGetSpecialFolderLocation
SHCreateDirectoryExA
ShellExecuteExW
SHBrowseForFolderA

ole32

CreateStreamOnHGlobal

oleaut32

OleCreatePictureIndirect

netapi32

NetShareGetInfo

avifil32

AVIBuildFilterA

msacm32

acmFormatTagDetailsA

shlwapi

PathRemoveFileSpecW
PathAppendA
ColorRGBToHLS

comctl32

ImageList_Draw
ImageList_GetIconSize
ImageList_Create

rpcrt4

UuidToStringA
UuidCreate

secur32

LsaGetLogonSessionData

Sections

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

92b1e6e6c6d60b0b0dd69c0b8f4587db

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

netapi32

avifil32

msacm32

shlwapi

comctl32

rpcrt4

secur32

Sections

.text Size: 271KB - Virtual size: 270KB

.rdata Size: 101KB - Virtual size: 101KB

.data Size: 3KB - Virtual size: 9KB

.rsrc Size: 146KB - Virtual size: 146KB

.text
Size: 271KB - Virtual size: 270KB

.rdata
Size: 101KB - Virtual size: 101KB

.data
Size: 3KB - Virtual size: 9KB

.rsrc
Size: 146KB - Virtual size: 146KB