8257dc4d9fb2ef5b97d67c9edaad78e2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8257dc4d9fb2ef5b97d67c9edaad78e2_JaffaCakes118
Size

244KB
MD5

8257dc4d9fb2ef5b97d67c9edaad78e2
SHA1

c4dfc89443ad6d7f5ad127a862a99d86f7d887df
SHA256

c2564c44140bb933cff8091cf6da09e9e7d568da035bd11afee5a58f33208f8d
SHA512

524af32ee0ba49ea77d916a3ffe379adb44dfdd1498c4cf86f1bd6304a7efc1eceb79e9a34c9ecbda115063cfb838ba79951601340ba92aaa906a1db5eb958cb
SSDEEP

6144:eDfrALhMRBrMk8t9SUD8TU2gKmy3nSWYa6tXb:gKMjrlXU4hb3nSWh65b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8257dc4d9fb2ef5b97d67c9edaad78e2_JaffaCakes118

Files

8257dc4d9fb2ef5b97d67c9edaad78e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
EnterCriticalSection
LocalAlloc
SizeofResource
WaitForSingleObject
LockResource
FreeLibrary
WaitForMultipleObjects
IsDebuggerPresent
GetCurrentThreadId
GetGeoInfoW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
SystemTimeToTzSpecificLocalTime
DisableThreadLibraryCalls
LocalFree
OpenProcess
CreateFileW
lstrlenW
UnhandledExceptionFilter
SystemTimeToFileTime
GetUserDefaultUILanguage
TzSpecificLocalTimeToSystemTime
LoadLibraryExW
GetSystemTime
FindResourceW
FindResourceExW
LeaveCriticalSection
WideCharToMultiByte
GetLocalTime
CompareFileTime
HeapDestroy
HeapSize
GetUserGeoID
GetNumberFormatW
CreateProcessW
DeleteCriticalSection
HeapReAlloc
ProcessIdToSessionId
LoadResource
GetQueuedCompletionStatus
SetUnhandledExceptionFilter
FileTimeToSystemTime
GetProcessHeap
GlobalFree
RaiseException
CloseHandle
GetFileAttributesExW
PostQueuedCompletionStatus
CreateIoCompletionPort
GetStartupInfoA
VirtualAllocEx

ole32

StringFromCLSID
CoTaskMemFree
CoCreateInstance
IIDFromString

oleaut32

VariantInit
VariantCopyInd
VariantClear
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi

psapi

GetModuleBaseNameW

user32

PostMessageW
GetSystemMetrics
EnumWindows
GetActiveWindow
DestroyIcon
GetWindowThreadProcessId
LoadIconW
GetDesktopWindow
AllowSetForegroundWindow

crypt32

CryptProtectData
CryptUnprotectData
CertFreeCertificateContext
CertNameToStrW

rpcrt4

UuidFromStringW

mscms

CreateColorTransformA
IsColorProfileTagPresent
InternalGetPS2ColorRenderingDictionary
CheckColors
GetPS2ColorRenderingIntent
InternalGetPS2CSAFromLCS
SetColorProfileElementSize
ConvertColorNameToIndex

sti

DllCanUnloadNow
DllUnregisterServer
StiCreateInstance
DllGetClassObject
GetProxyDllInfo
StiCreateInstanceW
DllRegisterServer

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MZwuwI
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KcPaf
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Pn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 213KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

psapi

user32

crypt32

rpcrt4

mscms

sti

Sections

.text Size: 18KB - Virtual size: 17KB

.MZwuwI Size: 1KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.KcPaf Size: 1KB - Virtual size: 6KB

.Pn Size: 2KB - Virtual size: 4KB

.data Size: 213KB - Virtual size: 285KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.MZwuwI
Size: 1KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.KcPaf
Size: 1KB - Virtual size: 6KB

.Pn
Size: 2KB - Virtual size: 4KB

.data
Size: 213KB - Virtual size: 285KB

.rsrc
Size: 4KB - Virtual size: 4KB