8585ff597fd5da9374ca1e08abf3f4b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8585ff597fd5da9374ca1e08abf3f4b4_JaffaCakes118
Size

1.2MB
MD5

8585ff597fd5da9374ca1e08abf3f4b4
SHA1

4a65016b56d3f2d4e442143ddb8f9efdf1eb01d2
SHA256

ed65895a22363a178be712d02ea35f72fb70aa3f352d16901e54154d049fc456
SHA512

4307ae260796dd21851b7a93a8c5ac56cb8857491c54ecb9939881a741d96ffcaa3953aa78626a3d1a2ea730d598f558dd4acd543cefd651878c56abe163bc67
SSDEEP

12288:Vu0GFrhVx98HptID8CLwrSQmASVullFKuoLGE+puVAZZVh6p7FjniDgi3/:ix5WHptYEbJ/VXoLipuKph6p7ZiZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8585ff597fd5da9374ca1e08abf3f4b4_JaffaCakes118

Files

8585ff597fd5da9374ca1e08abf3f4b4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b91c92f9e043704b395b42c45c203088

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
HeapAlloc
HeapFree
ExitProcess
GetCurrentThreadId
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseSemaphore
GetFileType
SetFilePointer
SetFileTime
CloseHandle
GetSystemTime
lstrlenW
TlsSetValue
TlsFree
OpenFileMappingW
LoadLibraryW
GetCommandLineW
ExpandEnvironmentStringsW
CreateDirectoryW
GetVersionExW
GetACP
CompareStringW
GetLocaleInfoW
GetUserDefaultLCID
GetStringTypeW
GetConsoleWindow
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
OutputDebugStringW
LoadLibraryExW
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
CreateFileW
GetModuleHandleW
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter

shell32

ShellAboutW
DragAcceptFiles
SHGetFileInfoW
SHGetPathFromIDListW
SHPathPrepareForWriteW
SHBindToParent
SHCreateDirectoryExW

wininet

HttpQueryInfoW
InternetSetOptionW

setupapi

SetupCloseFileQueue
SetupDiEnumDriverInfoW
SetupCloseInfFile

winspool.drv

AddJobW

uxtheme

CloseThemeData
DrawThemeText
GetThemeSysColor
EnableThemeDialogTexture
GetCurrentThemeName
DrawThemeBackground

user32

GetPriorityClipboardFormat
ToAscii
DrawIcon
GetDC
EndPaint
GetUpdateRect
SetCursor
DdeAddData
DrawEdge

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 752KB - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b91c92f9e043704b395b42c45c203088

Headers

File Characteristics

Imports

kernel32

shell32

wininet

setupapi

winspool.drv

uxtheme

user32

Sections

.text Size: 91KB - Virtual size: 91KB

.rdata Size: 752KB - Virtual size: 752KB

.data Size: 15KB - Virtual size: 7.2MB

.rsrc Size: 362KB - Virtual size: 361KB

.text
Size: 91KB - Virtual size: 91KB

.rdata
Size: 752KB - Virtual size: 752KB

.data
Size: 15KB - Virtual size: 7.2MB

.rsrc
Size: 362KB - Virtual size: 361KB