8b76854521833b5cc4687fd83f50debe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b76854521833b5cc4687fd83f50debe_JaffaCakes118
Size

240KB
MD5

8b76854521833b5cc4687fd83f50debe
SHA1

091c0adda8ade8aa424b024d7492064961b69995
SHA256

f480173fe3fa405782747b7e9f33b81de362cdaba40007306edb96e603cf5ca6
SHA512

4bc4b2673923140fa18022755d32528539379c65c47d76c6996c858342b6cbcd151f67a5be2023b1a143e87e580689dfd3894827cb82022e2483ce7951c18607
SSDEEP

3072:gzPL74wEW5LI+3nB7f53rDEexiZkE59lwRXaomCz4ohR:sEexuRLqR7PsohR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b76854521833b5cc4687fd83f50debe_JaffaCakes118

Files

8b76854521833b5cc4687fd83f50debe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e65d282ee06d0ba870cc819ca7827a1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

PDB Paths

ewklhojwkl\\ehw\\[email protected]

Imports

msvcrt

memset

wininet

InternetSetStatusCallbackW

user32

LoadStringW
GetKeyboardLayout
TranslateAcceleratorW
MessageBoxW
PostQuitMessage
MessageBeep
IsClipboardFormatAvailable
UnhookWinEvent
SendDlgItemMessageW
CheckMenuItem
GetMenuState
LoadImageW
DestroyWindow
SetCursor
LoadIconW
GetMessageW
ReleaseDC
SetWindowTextW
GetSystemMenu
CreateDialogParamW
GetDC
SetFocus
RegisterClassExW
GetMenu
GetSystemMetrics
ChildWindowFromPoint
GetWindowTextLengthW
LoadCursorW
GetClientRect
SetActiveWindow
GetWindowPlacement
EnableMenuItem
TranslateMessage
SetDlgItemTextW
GetFocus
SendMessageW
GetWindowTextW
RegisterWindowMessageW
SetWindowPos
GetParent
FindWindowW
SetWinEventHook
SetScrollPos
PeekMessageW
CloseClipboard
CreateWindowExW
DrawTextExW
ScreenToClient
LoadAcceleratorsW
PostMessageW
EnableWindow
DispatchMessageW
GetWindowLongW
GetSubMenu
GetDlgCtrlID
GetDlgItemTextW
DialogBoxParamW
IsDialogMessageW
GetForegroundWindow
GetCursorPos
ShowOwnedPopups
MoveWindow
SetForegroundWindow
CallWindowProcA
CharUpperW
GetAncestor
InvalidateRect
SetWindowLongW
SetWindowPlacement
DefWindowProcW
OpenClipboard
CharNextW
WinHelpW
EndDialog
IsIconic
UpdateWindow
ShowWindow
CreateIconFromResource
GetUpdatedClipboardFormats
ShutdownBlockReasonCreate
GetKeyboardType
GetDlgItem

lz32

LZInit
LZSeek

ntdll

RtlInitializeSListHead

ole32

HGLOBAL_UserMarshal
HWND_UserSize
CoTaskMemAlloc

cfgmgr32

CM_Set_DevNode_Registry_PropertyW

powrprof

IsPwrHibernateAllowed

msvfw32

DrawDibChangePalette

rasapi32

RasFreeEapUserIdentityW

winscard

SCardListReadersW

setupapi

SetupInitDefaultQueueCallback

advapi32

MakeSelfRelativeSD
SetThreadToken
RegFlushKey
QueryUsersOnEncryptedFile

gdi32

CopyMetaFileW
ExtSelectClipRgn
GetMapMode
RoundRect

crypt32

CryptVerifyDetachedMessageSignature

netapi32

NetServerTransportAddEx

kernel32

TlsGetValue
GetModuleHandleW
NotifyUILanguageChange
GetFileSizeEx
GetCPInfo
GetConsoleCP
PurgeComm
GetLogicalDrives
GetConsoleScreenBufferInfo
GetConsoleMode
UnhandledExceptionFilter
SetErrorMode
lstrcatA
GetProcessIdOfThread
FormatMessageW
FindFirstFileNameW

shlwapi

ChrCmpIA

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PDn.
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rdata0
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e65d282ee06d0ba870cc819ca7827a1c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

wininet

user32

lz32

ntdll

ole32

cfgmgr32

powrprof

msvfw32

rasapi32

winscard

setupapi

advapi32

gdi32

crypt32

netapi32

kernel32

shlwapi

Sections

.text Size: 128KB - Virtual size: 127KB

.PDn. Size: 6KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 3KB

.rdata0 Size: 301KB - Virtual size: 300KB

.rsrc Size: 1024B - Virtual size: 1000B

.text
Size: 128KB - Virtual size: 127KB

.PDn.
Size: 6KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 3KB

.rdata0
Size: 301KB - Virtual size: 300KB

.rsrc
Size: 1024B - Virtual size: 1000B