8766968ecbb190407963ac9281bb75e3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8766968ecbb190407963ac9281bb75e3_JaffaCakes118
Size

44KB
MD5

8766968ecbb190407963ac9281bb75e3
SHA1

9a7f0ede6cff6e6b8b7ac290f6ae22ef47c6e8aa
SHA256

3053fcedb1e03091bab40082045245a96c4e54572f83d10330aece2bf5018f13
SHA512

d5956ddb13a075b77180c606b05749fb3fbcf45202e931b0ad52ab7bad2349991fe780ece023859a08fa37cf7271e21b8a66ec8073ad0b64d0959156a081cccb
SSDEEP

768:SfIdi4SWEPRpJW13T5LQlmBPJFK+pElBLL5JY+CXyTH9J65DXy:SfI04bE5W1KlmBJo+pm5xTdJ6p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8766968ecbb190407963ac9281bb75e3_JaffaCakes118

Files

8766968ecbb190407963ac9281bb75e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f0f9e47f65f998f820c4975cb0a2372

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
SetConsoleIcon
ReadFileScatter
DebugActiveProcess
GetProcessAffinityMask
lstrlenA
WriteConsoleOutputAttribute
GetConsoleDisplayMode
OpenProcess
DuplicateHandle
GetConsoleMode
GetBinaryTypeA
GetLastError
GetLogicalDriveStringsW
GetCurrentThread
GetTapeStatus
PostQueuedCompletionStatus
GetThreadPriority
WriteConsoleInputA
LocalHandle
AddAtomW
TermsrvAppInstallMode
SetupComm
AssignProcessToJobObject
WinExec
VirtualQuery
CreateEventW
SetLocaleInfoA
ExpandEnvironmentStringsW
EnumSystemLocalesW
ClearCommError
EnumResourceTypesW
SuspendThread
_lread
CreateSemaphoreA
CompareStringW
UnregisterWait
CreateWaitableTimerA
WriteFileEx
EnterCriticalSection
GetConsoleAliasesLengthA
GetThreadTimes
VirtualProtect
GetSystemTime
OpenSemaphoreA
MoveFileExW
EnumSystemLanguageGroupsA
ReleaseMutex
FreeUserPhysicalPages

user32

UserRegisterWowHandlers
EnumChildWindows
CreateCaret
GetDC
BeginPaint
DrawCaption
SetMenuDefaultItem
ValidateRect
SetDlgItemInt
UnionRect
SetWindowRgn
CharNextA
SetTimer
GetClassNameW
DefMDIChildProcA
CreatePopupMenu
AlignRects
IsIconic
UserLpkPSMTextOut
RegisterServicesProcess
CreateAcceleratorTableW
GetProcessWindowStation
ChangeDisplaySettingsExA
HideCaret
PostThreadMessageW
DrawTextExA
ToAscii
DrawIcon
ClipCursor
DdeCreateStringHandleA
SetWindowPlacement
IsRectEmpty
OpenWindowStationA
CreateIconFromResourceEx
ChangeDisplaySettingsExW

gdi32

LineTo
RemoveFontResourceExW
GetOutlineTextMetricsA
EngFindResource
SelectPalette
GetRasterizerCaps
SetWorldTransform
GdiGetLocalFont
FONTOBJ_pvTrueTypeFontFile
GdiConvertBrush
CreateBitmap
CreateDIBPatternBrush
GetTextExtentPointA
GetBrushOrgEx
GetDCPenColor
PolyPatBlt

comdlg32

CommDlgExtendedError
ChooseFontA
ChooseColorA
PrintDlgExW
PrintDlgA
FindTextW
dwLBSubclass
Ssync_ANSI_UNICODE_Struct_For_WOW
PageSetupDlgA
GetOpenFileNameW

psapi

EnumProcessModules
InitializeProcessForWsWatch
GetDeviceDriverBaseNameW
GetWsChanges
GetModuleFileNameExW
GetModuleFileNameExA
QueryWorkingSet
GetMappedFileNameW
GetDeviceDriverFileNameW
GetDeviceDriverBaseNameA
EnumDeviceDrivers
GetProcessMemoryInfo
GetModuleInformation
EmptyWorkingSet

comctl32

CreateStatusWindow
ImageList_DrawIndirect
CreateToolbarEx
ImageList_SetImageCount
CreateStatusWindowW
ImageList_DragMove
ImageList_SetFlags
ImageList_LoadImageA
ImageList_Create
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Write
CreateMappedBitmap
DestroyPropertySheetPage
PropertySheet
FlatSB_ShowScrollBar
ImageList_Draw
ImageList_Remove
ImageList_GetDragImage
UninitializeFlatSB
ImageList_DragEnter
ImageList_ReplaceIcon
CreatePropertySheetPageA
DrawStatusText
ImageList_GetImageRect
InitializeFlatSB
ImageList_SetDragCursorImage
FlatSB_GetScrollProp
FlatSB_SetScrollProp
ImageList_Merge
ImageList_GetIcon

Sections

.text
Size: 5KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5f0f9e47f65f998f820c4975cb0a2372

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 5KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 5KB - Virtual size: 8KB

.text
Size: 5KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 5KB - Virtual size: 8KB