Static task: static1
Behavioral task: behavioral1
Sample: 8c4c473e485396eb472fc597f250628c_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 8c4c473e485396eb472fc597f250628c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8c4c473e485396eb472fc597f250628c_JaffaCakes118
Size: 6.5MB
MD5: 8c4c473e485396eb472fc597f250628c
SHA1: 48837c93d45db2a2bbd95c8d861a7d8f71ff670d
SHA256: 872bab0e7ba081593829de9fcffd578af1b317d0849142ad5797c6a8c34228e7
SHA512: 127ed4daacd8b8d0450ccb3cf7d6728ca42dde41e40ece801a452ca3ff29dc86e5c24e474bf331ff3138c7bf26081c87082f8dc3c4e1cb21905e0b6797567e9b
SSDEEP: 196608:fEZPBwaf8rEkrU7A6vCdVsX3kJFeteFzcIMkG:fZaf3han4kJmoJG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8c4c473e485396eb472fc597f250628c_JaffaCakes118
Files
8c4c473e485396eb472fc597f250628c_JaffaCakes118.exe windows:4 windows x86 arch:x86
85056b83601e3f2084f20ad53dbb3dbd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RaiseException
CompareStringW
DeleteFiber
GetModuleHandleA
lstrcmpiW
CreateEventA
GetVersion
FillConsoleOutputCharacterA
MultiByteToWideChar
GetProfileIntA
GetOEMCP
GetLongPathNameA
CopyFileExW
ScrollConsoleScreenBufferA
FindFirstFileExW
LocalSize
PeekConsoleInputW
SetCommTimeouts
GetThreadPriority
FreeResource
GetCurrentProcess
DuplicateHandle
QueryDosDeviceW
GetSystemTimeAdjustment
GetTempFileNameA
SetConsoleTitleA
GetLargestConsoleWindowSize
ClearCommBreak
MoveFileW
UnmapViewOfFile
DosDateTimeToFileTime
EraseTape
SetupComm
GetFileInformationByHandle
FreeLibraryAndExitThread
GetTempPathW
ExitProcess
EnumCalendarInfoA
user32
CreateDialogIndirectParamA
SendMessageTimeoutA
SendMessageA
DefWindowProcW
GetMenuItemInfoW
GetCaretPos
GetKeyboardLayoutNameA
SetWindowLongA
DrawMenuBar
GetDoubleClickTime
SetScrollInfo
WindowFromDC
IsWindowEnabled
ChangeDisplaySettingsExA
GetClassInfoW
ClientToScreen
EnableMenuItem
GetDC
VkKeyScanW
ToUnicodeEx
DialogBoxIndirectParamW
ReleaseCapture
CreateDesktopW
GetKeyboardState
ChangeClipboardChain
ToAscii
CharUpperBuffA
DrawEdge
InsertMenuItemW
GetKeyboardLayoutNameW
GetClipboardFormatNameW
ChangeMenuA
LoadCursorW
SetDlgItemTextA
GetWindowTextLengthW
EmptyClipboard
CheckMenuItem
ScreenToClient
CreateWindowExA
DestroyIcon
CreateMDIWindowW
MoveWindow
CreateAcceleratorTableA
CreateDialogIndirectParamW
gdi32
SetEnhMetaFileBits
GetStockObject
EnumFontsA
ExtFloodFill
CreateHatchBrush
GetCharacterPlacementW
IntersectClipRect
advapi32
RegFlushKey
StartServiceCtrlDispatcherW
ImpersonateSelf
RegCreateKeyExW
DeregisterEventSource
QueryServiceStatus
GetExplicitEntriesFromAclW
StartServiceCtrlDispatcherA
QueryServiceConfigA
LookupPrivilegeValueA
GetAclInformation
SetNamedSecurityInfoA
RegCloseKey
RegReplaceKeyW
GetSidSubAuthority
GetFileSecurityW
ObjectDeleteAuditAlarmW
RegisterServiceCtrlHandlerA
SetThreadToken
CryptImportKey
OpenServiceA
FreeSid
GetFileSecurityA
AdjustTokenPrivileges
LookupAccountSidA
InitiateSystemShutdownA
ObjectCloseAuditAlarmW
CreatePrivateObjectSecurity
shell32
DragQueryPoint
SHChangeNotify
SHFileOperationW
SHGetSettings
SHFileOperationA
oleaut32
SafeArrayCreate
SafeArrayGetElement
SysAllocStringLen
SafeArrayPutElement
comctl32
ImageList_DragShowNolock
ImageList_LoadImageA
shlwapi
StrPBrkW
PathCommonPrefixW
PathIsFileSpecA
PathCompactPathW
SHDeleteValueW
PathCompactPathExW
StrCmpW
PathRelativePathToW
PathGetCharTypeW
SHRegGetBoolUSValueW
StrChrW
AssocQueryKeyW
PathAppendW
ChrCmpIW
StrFormatByteSize64A
StrRChrA
msvcrt
_exit
strtoul
_wputenv
__p___argc
_read
_wgetcwd
_cexit
_isctype
_spawnlp
_finite
_stricmp
_spawnv
_getcwd
perror
_strdup
_get_osfhandle
_getmbcp
_filelength
wcstod
Sections
.text Size: 4KB - Virtual size: 6.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6.4MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ