8aa880ba3cc26e6f6f1af859666b8a7c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8aa880ba3cc26e6f6f1af859666b8a7c_JaffaCakes118
Size

40KB
MD5

8aa880ba3cc26e6f6f1af859666b8a7c
SHA1

23fe8f4d5f546ca477ee1197ef598bc2077d6c2e
SHA256

c2ea70e0063b4e8c4d77e165a437dd1b7efd8f4ab72ee793f0100d9170430729
SHA512

fde201691416a1ec876b3dfa999896292dd64c8913157c3036f48b5a876c934c88bc9e296bc3446cf3be6dc9dfff82d9e897d3a87c9e79eefc93fc879a7ad5a2
SSDEEP

768:DxUEmnlzToIfHIyelpArKhzhR6BvDeOnZuzAm0aiZoltAT:GlPhvv2SrKhzho1U8Sl6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8aa880ba3cc26e6f6f1af859666b8a7c_JaffaCakes118

Files

8aa880ba3cc26e6f6f1af859666b8a7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41da9f1a9101e71f3b3dbbadcf100aed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
SetEvent
GetFullPathNameA
IsBadWritePtr
lstrlen
GetFileType
GlobalFindAtomW
GetUserDefaultLangID
GetNumberFormatA
GetProcAddress
GetModuleFileNameW
SetCurrentDirectoryA
CreateMutexA
GetCPInfo
FreeLibrary
SearchPathW
CreateFileMappingW
GetNamedPipeInfo
IsValidCodePage
AddAtomW
GetLogicalDriveStringsW
lstrcpy
EnumCalendarInfoA
FileTimeToLocalFileTime
GetVersionExA
FileTimeToDosDateTime
GetHandleInformation
GetLocaleInfoA
GetVersionExW
SetPriorityClass
FatalAppExitA
GetModuleHandleA
GetVolumeInformationA
lstrcpynA
SetLastError
GetSystemDefaultLangID
InitializeCriticalSection
FindResourceA
GlobalDeleteAtom
lstrcmpW
GlobalAlloc
GetSystemDirectoryA

user32

CloseWindow
InsertMenuA
ShowWindow
LoadIconA
GetClassNameW
LoadMenuA
SetCursor
EnableWindow
GetClassInfoExA
GetDC
GetMenuItemID
CreateMenu
DialogBoxParamW
AppendMenuA
GetMenuItemInfoW
GetClassInfoW
InvalidateRgn
PostMessageW
DefWindowProcW
GetCapture
CreateDesktopA
CreateAcceleratorTableA

gdi32

GetFontUnicodeRanges
OffsetRgn
GetTextExtentPointW
GetMetaFileA
CreatePalette
SetMapMode
EndPage
GetEnhMetaFileDescriptionA
SetBoundsRect
SetWinMetaFileBits
CreateFontIndirectW
CreateRoundRectRgn
CreateMetaFileA
SetWorldTransform
GetCurrentPositionEx
GetBrushOrgEx
GetCharABCWidthsW
CreateDIBPatternBrushPt

advapi32

RegQueryValueA
RegSaveKeyW
RegOpenKeyExA

shell32

SHGetDesktopFolder
ExtractIconExW
SHGetDataFromIDListW
ShellExecuteEx
SHCreateDirectoryExW
ExtractAssociatedIconA
ExtractIconA

comdlg32

ReplaceTextA
GetFileTitleW
ReplaceTextW
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

oleaut32

VarBstrFromUI1
VarCyFromUI2
VarDateFromStr
VarUI1FromDec
VarDateFromR8

version

VerFindFileA
VerLanguageNameW

winmm

waveOutGetID
waveOutGetErrorTextA
mciSendStringA
mmsystemGetVersion
midiOutMessage
timeGetTime

inetcomm

HrAttachDataFromFile
HrGetDisplayNameWithSizeForFile
DllCanUnloadNow
MimeEditIsSafeToRun
HrAttachDataFromBodyPart
MimeGetAddressFormatW
HrGetAttachIconByFile
MimeOleCreatePropertySet
MimeOleCreateHeaderTable
MimeOleGetInternat
MimeOleGetFileInfo
MimeOleSMimeCapsFull
MimeOleCreateBody
MimeOleParseRfc822Address
MimeOleParseRfc822AddressW

sqlunirl

_ExtractIcon_@12
_WriteConsoleInput_@16
_GetTextFace_@12
_GetCurrentHwProfile_@4
_RegConnectRegistry_@12
_ExtractAssociatedIcon_@12
_GetClassInfo@12
_DlgDirSelectEx_@16
_NDdeGetErrorString_@12

crypt32

CertIsValidCRLForCertificate
CryptMsgUpdate
CryptExportPublicKeyInfo
CertAddCTLLinkToStore
CertEnumSystemStoreLocation
CryptEncodeObject
CertGetIntendedKeyUsage
CryptSetKeyIdentifierProperty
CryptSIPVerifyIndirectData
CertComparePublicKeyInfo
CryptEnumKeyIdentifierProperties
CertFindCTLInStore
CertRegisterPhysicalStore

Sections

.mX
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cxlZQ
Size: 3KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nDB
Size: 5KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.F
Size: 4KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Lj
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41da9f1a9101e71f3b3dbbadcf100aed

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comdlg32

oleaut32

version

winmm

inetcomm

sqlunirl

crypt32

Sections

.mX Size: 12KB - Virtual size: 12KB

.cxlZQ Size: 3KB - Virtual size: 229KB

.nDB Size: 5KB - Virtual size: 33KB

.F Size: 4KB - Virtual size: 455KB

.Lj Size: 7KB - Virtual size: 6KB

.rsrc Size: 169KB - Virtual size: 168KB

.reloc Size: 1KB - Virtual size: 1KB

.mX
Size: 12KB - Virtual size: 12KB

.cxlZQ
Size: 3KB - Virtual size: 229KB

.nDB
Size: 5KB - Virtual size: 33KB

.F
Size: 4KB - Virtual size: 455KB

.Lj
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 169KB - Virtual size: 168KB

.reloc
Size: 1KB - Virtual size: 1KB