8b2ca8a838aa48b3bf2ead558613e2f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b2ca8a838aa48b3bf2ead558613e2f2_JaffaCakes118
Size

841KB
MD5

8b2ca8a838aa48b3bf2ead558613e2f2
SHA1

da60316b1438ab05cde81c5afe8b50750f044031
SHA256

b6090311151750643b221bf5850ff84e7e070207d8363253073ff950949b7f64
SHA512

6b84c55eca3a83cdd82e5194625046a1d9f0d0ccff2d96693a4d88726e78f58fbab3f99ecfe7f1db5e34bae650055b19003002d2b2743784fb9a5dd47a96a5ad
SSDEEP

6144:9bizlGGu5kl+aJPUiMMSkOF0zQkXKujhwKbmTG9GLRCMzVnvEeg+rIaTXQMzqnh:9biRGGeGJPUtEjz8FLRCiVnvEe/rU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b2ca8a838aa48b3bf2ead558613e2f2_JaffaCakes118

Files

8b2ca8a838aa48b3bf2ead558613e2f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ae247fda83750d740d745985e0a34e0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
VerifyVersionInfoW
UnmapViewOfFile
Sleep
SetLastError
ReplaceFile
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryW
GetStdHandle
GetFileType
GetCommandLineA
FreeLibrary
FormatMessageW
FindNextFileW
FindFirstFileW
FindFirstChangeNotificationA
EscapeCommFunction
DefineDosDeviceA
GetCommandLineW
GetProcAddress
VirtualAlloc
GetLastError
GetStartupInfoA
GetVersion
lstrlenA
GetProcessHeap
HeapAlloc
GetDriveTypeW
GetDriveTypeA
LoadLibraryA
GetFileAttributesA
GetModuleHandleW
GetFileAttributesW
GetModuleHandleA
lstrlenW

user32

ShowCaret
ShowCursor
SwitchToThisWindow
TranslateAccelerator
TranslateAcceleratorW
WaitForInputIdle
SetWindowLongA
SetParent
SetMenuItemBitmaps
SetKeyboardState
PostThreadMessageW
PeekMessageW
OpenWindowStationA
LoadStringW
HiliteMenuItem
GetScrollInfo
GetPropW
GetProcessWindowStation
GetProcessDefaultLayout
GetNextDlgTabItem
GetLastActivePopup
GetClipboardData
FindWindowExA
FindWindowA
ExcludeUpdateRgn
EnumPropsW
EnumPropsExW
EndDeferWindowPos
EnableMenuItem
DrawTextExW
DestroyCursor
DdeKeepStringHandle
DdeEnableCallback
CreateWindowStationA
CreateWindowExW
CreatePopupMenu
CopyAcceleratorTableW
CloseClipboard
ChildWindowFromPointEx
CheckRadioButton
CharToOemA
ChangeMenuW
BroadcastSystemMessage
AnimateWindow
AllowSetForegroundWindow
GetSysColor
IsWindowVisible
DestroyWindow
ShowWindow
GetSystemMetrics
CharNextW
GetDlgItem
CharLowerW
UpdateWindow
CharUpperA
LoadBitmapW
DestroyIcon
LoadBitmapA
GetDC
CharNextA
CharLowerA
GetKeyState
IsWindow
CharUpperW
GetGuiResources

gdi32

GetSystemPaletteUse
GetWinMetaFileBits
PathToRegion
PlayEnhMetaFile
GetRgnBox
SetAbortProc
SetStretchBltMode
UpdateICMRegKeyW
WidenPath
PolyBezierTo
GetEnhMetaFileW
GetCharWidthA
GdiProcessSetup
FillRgn
ExtTextOutA
EngStretchBlt
EngDeleteSurface
EngBitBlt
EngAlphaBlend
CreateRoundRectRgn
CreateFontIndirectExA
CreateColorSpaceW
CopyMetaFileW
GetEnhMetaFileA
SetTextColor
SetBkMode
CreateMetaFileA
DeleteDC
SaveDC
CreateCompatibleDC
SelectObject
SetTextAlign
GetEnhMetaFileBits

advapi32

RegQueryValueExW

shell32

Shell_NotifyIcon
ShellExecuteW
ShellExecuteExA
ShellAboutA
SHPathPrepareForWriteW
SHLoadNonloadedIconOverlayIdentifiers
SHIsFileAvailableOffline
SHGetSettings
SHGetDiskFreeSpaceExW
SHEmptyRecycleBinA
SHCreateDirectoryExW
SHBindToParent
FindExecutableA
ExtractIconExA
ExtractAssociatedIconExA
DoEnvironmentSubstA
SHBrowseForFolderA

shlwapi

StrCmpNW
StrStrIW
StrStrW
StrChrIA

winmm

timeGetTime

msvcrt

_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_iob
_wcsdup
exit
fprintf
free
fwprintf
malloc
setlocale
vfwprintf
vswprintf

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gt1
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gt2
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gt3
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ggg
Size: 627KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae247fda83750d740d745985e0a34e0e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

winmm

msvcrt

Sections

.text Size: 75KB - Virtual size: 74KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 14KB - Virtual size: 14KB

.gt1 Size: 20KB - Virtual size: 19KB

.gt2 Size: 20KB - Virtual size: 19KB

.gt3 Size: 20KB - Virtual size: 19KB

ggg Size: 627KB - Virtual size: 626KB

.rsrc Size: 47KB - Virtual size: 47KB

.text
Size: 75KB - Virtual size: 74KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 14KB - Virtual size: 14KB

.gt1
Size: 20KB - Virtual size: 19KB

.gt2
Size: 20KB - Virtual size: 19KB

.gt3
Size: 20KB - Virtual size: 19KB

ggg
Size: 627KB - Virtual size: 626KB

.rsrc
Size: 47KB - Virtual size: 47KB