8678b063ef1c96f80f3016e54cb3dab9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8678b063ef1c96f80f3016e54cb3dab9_JaffaCakes118
Size

102KB
MD5

8678b063ef1c96f80f3016e54cb3dab9
SHA1

998294cc8d60e57f0acde4fa6017289c1719fd43
SHA256

1527fc23bb7a9ab2775837339245f2373b42af5a8da17aedd06a427a8efb354e
SHA512

a5bb8242ca9460fc579e1fe005685d5e4a6f9c883ab989da57194df817f1efab30d72379b05b5a6826ba8a75c9505ca6eae209b799446eb77c56ca2c771db1ec
SSDEEP

3072:8iZM9mVNV7MnjmjfqKL7XxjwsObfryx6tXF:8iZ8mLV7cjSLljMDo6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8678b063ef1c96f80f3016e54cb3dab9_JaffaCakes118

Files

8678b063ef1c96f80f3016e54cb3dab9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cf4e254a5d955e426b0bc8f18ef7983

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msvcrt

__p__commode
_initterm
malloc
_controlfp
_exit
__dllonexit
??_U@YAPAXI@Z
??_V@YAXPAX@Z
__wgetmainargs
_adjust_fdiv
_amsg_exit
__setusermatherr
_onexit
memcpy
wcsrchr
__CxxFrameHandler
?terminate@@YAXXZ
__set_app_type
free
_XcptFilter
_cexit
_wcmdln
wcsncpy
__p__fmode
memset
exit
??1type_info@@UAE@XZ

user32

ReleaseDC
GetDesktopWindow
GetClientRect
EmptyClipboard
GetCapture
LoadStringW
ShowScrollBar
SetClipboardData
PeekMessageW
TranslateMessage
GetParent
SetCapture
GetClipboardData
OpenClipboard
GetSysColor
CloseClipboard
InvalidateRect
PostMessageW
MsgWaitForMultipleObjects
GetForegroundWindow
DispatchMessageW
EnumClipboardFormats
EnableWindow
SendMessageW
GetDC
ReleaseCapture
UpdateWindow

msafd

WSPStartup

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

comdlg32

GetSaveFileNameW

kernel32

LocalAlloc
GetCurrentProcess
LockResource
VirtualAlloc
RtlUnwind
LoadLibraryA
TerminateThread
InterlockedCompareExchange
CreateThread
CreateFileW
GetVersion
WaitForSingleObject
CreateEventW
GetSystemInfo
ExitProcess
WriteFile
GetCurrentThreadId
TerminateProcess
FormatMessageW
GetModuleFileNameW
GetCurrentProcessId
CloseHandle
LoadResource
Sleep
GetTickCount
VirtualFree
InterlockedExchange
QueryPerformanceCounter
GetStartupInfoW
SetEvent
ExpandEnvironmentStringsA
GetProcAddress
UnhandledExceptionFilter
LocalFree
GetModuleHandleW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

gdi32

DeleteDC
CreateCompatibleBitmap
GetObjectW
GetDeviceCaps
CreateDIBSection
StretchBlt
CreateCompatibleDC
DeleteObject
SelectObject
BitBlt
StretchDIBits
CreateSolidBrush
Rectangle
CreatePen
CreatePatternBrush
CreateDIBitmap
GetDIBits

ole32

CLSIDFromProgID
OleInitialize
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cf4e254a5d955e426b0bc8f18ef7983

Headers

File Characteristics

Imports

msvcrt

user32

msafd

version

comdlg32

kernel32

advapi32

gdi32

ole32

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 3KB - Virtual size: 65KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 3KB - Virtual size: 65KB