8f6ba2057a2374ac862604efa52195f4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8f6ba2057a2374ac862604efa52195f4_JaffaCakes118
Size

1.1MB
MD5

8f6ba2057a2374ac862604efa52195f4
SHA1

7daae8ee50ec68de0f46a49308f780eee5c211db
SHA256

b9bc83b627323a2e7cb8c5bc11971ff0103b5a64dc6c36aaf533b0f2d197eb0b
SHA512

5193f1e68c6aa9e7ce966b3b4ba51ec83393ae0c572636d22e94d9e4875653ae12b2a8c9c5fc27a46bff58f8c3f8200f5bce5ff8a26f94dbceb7bb849a1d988f
SSDEEP

24576:eDN5glk6+OP38cnNJ6TtxnhaxR3SV/KsT1ySsfRuOc0KyfFCx3uAexG:eDN50KEBotZdQ2xNe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f6ba2057a2374ac862604efa52195f4_JaffaCakes118

Files

8f6ba2057a2374ac862604efa52195f4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d8866f95fbcf29427dd334253cfcd8bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey

user32

PostMessageW
PostThreadMessageW
RegisterClassExW
ShowWindowAsync
DeferWindowPos
DdeSetUserHandle
GetMonitorInfoW
EnumDisplayDevicesW
TranslateMDISysAccel
LoadIconW
FindWindowExW
EqualRect
ScreenToClient
GetCursor
ShowCursor
GetWindowTextW
GetPropW
GetMenuCheckMarkDimensions
AppendMenuW
LoadAcceleratorsW
KillTimer
EndDialog
DialogBoxParamW
CreateDialogParamW
BringWindowToTop

kernel32

WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
GetProcAddress
GlobalAlloc
VirtualAlloc
GetCurrentProcessId
ExitProcess
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetCurrentThreadId
GetLastError
WaitForSingleObject
GetFileTime
CloseHandle
GetSystemTimeAsFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FormatMessageW
lstrcmpiW
CreateEventW
GetCommandLineW
GetTempPathW
FindCloseChangeNotification
QueryPerformanceCounter
GetACP
MultiByteToWideChar
CompareStringW
GetConsoleWindow
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TlsFree
CreateFileW
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
FreeEnvironmentStringsW
IsProcessorFeaturePresent
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile

wininet

HttpAddRequestHeadersW
HttpSendRequestW
InternetCrackUrlW

shell32

ShellAboutW
Shell_NotifyIconW
SHPathPrepareForWriteW
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteExW
SHFileOperationW
DragAcceptFiles

mpr

WNetGetResourceInformationW

winspool.drv

EndPagePrinter

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 992KB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8866f95fbcf29427dd334253cfcd8bc

Headers

File Characteristics

Imports

advapi32

user32

kernel32

wininet

shell32

mpr

winspool.drv

Sections

.text Size: 74KB - Virtual size: 74KB

.data Size: 992KB - Virtual size: 7.9MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 7KB - Virtual size: 8KB

.text
Size: 74KB - Virtual size: 74KB

.data
Size: 992KB - Virtual size: 7.9MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 7KB - Virtual size: 8KB