8855a2eabcf5b33c8fa937e45228f6f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8855a2eabcf5b33c8fa937e45228f6f2_JaffaCakes118
Size

544KB
MD5

8855a2eabcf5b33c8fa937e45228f6f2
SHA1

71bde1ab6bc7edaeff8da8702616841f426cd26d
SHA256

34a6eb8c3c503968554810bf94a93e28c8edd663c692f38d6335dd91bd6af0de
SHA512

88a0b3711724efa77efd3882c8a3c9d31dd4f1f0104ed947ad19f694470c6c11c88daa3631020c1e3f6dc5d744dfc705fc424c3adeefa8131040a761b08600e3
SSDEEP

12288:hjNkOsOvF5PX9jObMglmUQiAn1ppcHgAfApwWV9mo2lAdlvbc9:hpkOsOvfP5YMg8/1n1ppW1Yp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8855a2eabcf5b33c8fa937e45228f6f2_JaffaCakes118

Files

8855a2eabcf5b33c8fa937e45228f6f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51ef83395f4990b9ca533fb2fa70ee98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetModuleHandleA
GetProcAddress
GetProfileIntA
SetStdHandle
HeapReAlloc
EnumResourceTypesA
GetCurrentThread
ReadFile
GetStdHandle
CompareStringW
SetEnvironmentVariableA
GetLocalTime
GetEnvironmentStrings
SetLastError
InterlockedExchange
GetSystemTime
EnterCriticalSection
RtlUnwind
GetTickCount
LoadLibraryA
HeapFree
VirtualLock
GetTempFileNameA
GetStartupInfoA
VirtualAlloc
LCMapStringA
lstrcpyW
GetCurrentProcessId
MultiByteToWideChar
GetVersion
TlsGetValue
QueryPerformanceCounter
GetTimeZoneInformation
InterlockedDecrement
GetSystemTimeAsFileTime
SetHandleCount
CloseHandle
TlsAlloc
VirtualFree
GetCurrentThreadId
GetModuleFileNameW
InterlockedIncrement
TerminateProcess
InitializeCriticalSection
UnhandledExceptionFilter
HeapDestroy
GetCurrentProcess
HeapAlloc
GetCommandLineA
LeaveCriticalSection
WriteFile
IsBadWritePtr
ExitProcess
WideCharToMultiByte
GetLastError
GetCPInfo
TlsSetValue
GetEnvironmentStringsW
GetModuleFileNameA
GetCommandLineW
FreeEnvironmentStringsA
FillConsoleOutputCharacterW
SetFilePointer
VirtualQuery
TlsFree
FreeEnvironmentStringsW
GetFileAttributesA
EnumResourceTypesW
GetStringTypeA
CompareStringA
HeapCreate
CreateMutexA
GetStringTypeW
LCMapStringW
OpenMutexA
GetFileType
SetThreadContext
DeleteCriticalSection
GetStartupInfoW

wininet

InternetShowSecurityInfoByURL
InternetSetDialState
GetUrlCacheHeaderData
InternetCrackUrlA
InternetCombineUrlA
FtpSetCurrentDirectoryW
HttpQueryInfoW

comctl32

ImageList_Copy
ImageList_GetBkColor
ImageList_GetImageCount
ImageList_Read
MakeDragList
CreatePropertySheetPage
ImageList_DragShowNolock
ImageList_LoadImageA
DestroyPropertySheetPage
CreateUpDownControl
GetEffectiveClientRect
CreateStatusWindowW
ImageList_SetImageCount
InitCommonControlsEx
CreateToolbarEx

user32

RegisterClassA
CreateDialogIndirectParamW
DefWindowProcW
LookupIconIdFromDirectory
TranslateAcceleratorW
EnumDisplayDevicesW
MessageBoxA
DestroyWindow
ReplyMessage
FillRect
ClipCursor
UpdateWindow
ShowWindow
GetMenuStringA
FindWindowA
CharNextA
RegisterClassExA
VkKeyScanW
EnumDisplaySettingsExA
ExcludeUpdateRgn
SetMenu
ArrangeIconicWindows
CreateWindowExW

Sections

.text
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51ef83395f4990b9ca533fb2fa70ee98

Headers

File Characteristics

Imports

kernel32

wininet

comctl32

user32

Sections

.text Size: 317KB - Virtual size: 317KB

.rdata Size: 33KB - Virtual size: 59KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 93KB - Virtual size: 92KB

.text
Size: 317KB - Virtual size: 317KB

.rdata
Size: 33KB - Virtual size: 59KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 93KB - Virtual size: 92KB