08bec82d2fa319e0c4757a9469bea582_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08bec82d2fa319e0c4757a9469bea582_JaffaCakes118
Size

398KB
MD5

08bec82d2fa319e0c4757a9469bea582
SHA1

360ff1aaf726309b78aab8bf6b3b120bd34d24f3
SHA256

b84ae84d23c0c04d5ceaa6a1550887576a04fc19ec3de8a2af570e499a942da5
SHA512

18a9473ef6d2ac41922d0541952c7986d2d5a9f9d165d37e02d05b42b65f4c462f9dcbf28bf9435282dfeb0b926638f0ad7d954d7fa91946e58be7c9af5bc546
SSDEEP

6144:hgGUYZ5AVMicewIMWgt2s6lOYeTM7pE11PocxKeI2rs9ux1rZzoiEpnXwEbR3byr:hg9I6V6e946kg7oN/10dXwCm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08bec82d2fa319e0c4757a9469bea582_JaffaCakes118

Files

08bec82d2fa319e0c4757a9469bea582_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56cee89122dc5b3de66cd0ece22ca533

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolderW
SHUpdateRecycleBinIcon
DragFinish
ExtractAssociatedIconA

advapi32

CryptDeriveKey
LookupAccountNameW
RegEnumKeyExA
CryptDuplicateKey
RegCreateKeyW
CryptEnumProviderTypesW
CryptSetProviderExA
RegSaveKeyA
CryptGenKey
RegRestoreKeyA
RegEnumKeyW
RegSetValueExW
CreateServiceA
RegOpenKeyExW

user32

GetDCEx
BroadcastSystemMessage
MessageBoxExA

comdlg32

PageSetupDlgW

gdi32

ExtTextOutW
GetGlyphOutlineA
PolyPolygon
GetCharWidthW
PtInRegion
SetSystemPaletteUse
PlayEnhMetaFileRecord
SelectClipRgn
GetCharacterPlacementA
SelectObject
GetRasterizerCaps
GetObjectA
EnumICMProfilesA
CreateDCW
TextOutA
GetTextMetricsW
SaveDC
IntersectClipRect
SetICMProfileW
EnumFontFamiliesExA

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetCompressedFileSizeW
GetVersion
TerminateProcess
VirtualAlloc
GetOEMCP
GetProcAddress
VirtualProtectEx
WriteFile
GetLastError
GetCPInfo
GetSystemTimeAsFileTime
OpenSemaphoreW
TlsFree
IsBadWritePtr
SetHandleCount
lstrlen
InterlockedExchange
GetEnvironmentStrings
LCMapStringW
CreateWaitableTimerW
GetFileType
GetCommandLineA
TlsGetValue
HeapReAlloc
HeapAlloc
InitializeCriticalSection
GetModuleHandleA
GetACP
GetStdHandle
GetCurrentProcess
LoadLibraryA
TlsAlloc
VirtualFree
OpenMutexW
GetEnvironmentStringsW
TlsSetValue
SystemTimeToTzSpecificLocalTime
GetCurrentThread
GetCurrentThreadId
HeapCreate
RtlUnwind
VirtualQuery
UnhandledExceptionFilter
GetTickCount
HeapDestroy
GetStartupInfoA
FreeEnvironmentStringsA
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
SetLastError
QueryPerformanceCounter
HeapFree
GetCurrentProcessId
GetStringTypeA
LeaveCriticalSection
GetModuleFileNameA
GetModuleHandleW
LCMapStringA

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56cee89122dc5b3de66cd0ece22ca533

Headers

File Characteristics

Imports

shell32

advapi32

user32

comdlg32

gdi32

kernel32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 4KB - Virtual size: 16KB

.data Size: 276KB - Virtual size: 276KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 4KB - Virtual size: 16KB

.data
Size: 276KB - Virtual size: 276KB

.rsrc
Size: 10KB - Virtual size: 10KB