8906f30c91133cdfbb2a27f716d69e58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8906f30c91133cdfbb2a27f716d69e58_JaffaCakes118
Size

166KB
MD5

8906f30c91133cdfbb2a27f716d69e58
SHA1

4da2e7f6626fa259220bfd53d8094ec88e122418
SHA256

19810db48b4eb500abbb263da055a85bd25d2748037aded1cdc9c350388a7d5b
SHA512

4922da938705d1baafb75558f74028b49ef7d683d4e85375290cb6a89aeb48dd6139f26d49102139f95ce7f6d009b9a4577b86adaf89a72f17962b8359c0f5f7
SSDEEP

3072:LW+1YR9vL9QaBsXIL7glII/qGoXBEC3lZEO80KjA28S+fukTJms1WC:F1YR1pJmXIYqI/qbBEC3lF8VmShkTJmO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8906f30c91133cdfbb2a27f716d69e58_JaffaCakes118

Files

8906f30c91133cdfbb2a27f716d69e58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fffb85fdd64bb8b3f8bd92c27a0085d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

user32

ReleaseDC
GetDC
LoadCursorW
CheckMenuItem
GetWindowTextW
GetSysColor
ModifyMenuW
GetParent
GetSystemMetrics
EnableMenuItem
GetMenuCheckMarkDimensions
GetLastActivePopup
GetWindowLongW
MessageBoxW
EnableWindow
LoadBitmapW
IsWindowEnabled
GetSysColorBrush

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GetEnvironmentStringsW
SetFilePointer
HeapCreate
SetStdHandle
VirtualFree
IsBadWritePtr
GetShortPathNameW
HeapSize
SetUnhandledExceptionFilter
GetTickCount
FreeEnvironmentStringsW
GetStringTypeA
SetHandleCount
GetOEMCP
GetCommandLineA
IsBadReadPtr
GetProcessAffinityMask
HeapFree
GetStringTypeW
VirtualAlloc
EnumResourceTypesW
GetSystemTimeAsFileTime
VirtualProtect
HeapAlloc
RtlUnwind
IsBadCodePtr
LCMapStringA
GetEnvironmentStrings
GetFileType
FlushFileBuffers
QueryPerformanceCounter
LCMapStringW
GetSystemInfo
GetFileAttributesA
GetModuleFileNameA
GetCurrentProcessId
GetCurrentProcess
UnhandledExceptionFilter
HeapReAlloc
VirtualQuery
HeapDestroy
GetStdHandle
GetStartupInfoA
TerminateProcess
GetCPInfo
WriteFile
ExitProcess

shell32

SHGetSpecialFolderPathW

gdi32

SetTextColor
TextOutW
SetWindowExtEx
CreateBitmap
Escape
ExtTextOutW
ScaleWindowExtEx
PtVisible
RectVisible
ScaleViewportExtEx
GetDeviceCaps
SetBkColor
OffsetViewportOrgEx
SaveDC
SetMapMode
DeleteObject
SelectObject
DeleteDC
GetClipBox
SetViewportExtEx
RestoreDC
SetViewportOrgEx
GetStockObject

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW
PathFindExtensionW

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fffb85fdd64bb8b3f8bd92c27a0085d7

Headers

File Characteristics

Imports

advapi32

user32

ole32

kernel32

shell32

gdi32

winspool.drv

shlwapi

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 62KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 62KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 104KB