8b02f6168881ec6f1492460ab07bd8e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b02f6168881ec6f1492460ab07bd8e0_JaffaCakes118
Size

124KB
MD5

8b02f6168881ec6f1492460ab07bd8e0
SHA1

9ea967e443c7ccb0fa7d85a1779da6a89b353a17
SHA256

664cbd439eaca2cdf13c25f4f715b2ec4424945a1491352c7e533f86a25e778e
SHA512

1084fe9e2763b1993c8925f6a093917da6f6e8bc87839a516bf190d4439de5746e723e9d9b37fc18dddfba606f312a56ac8912655e231f3083a6e2ec137b055e
SSDEEP

3072:zIL7+gM2VHoC2A+LKDagZl8T7WAUlrF41u:knV121LK2gT8f9UlrF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b02f6168881ec6f1492460ab07bd8e0_JaffaCakes118

Files

8b02f6168881ec6f1492460ab07bd8e0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bf23f079f51d6566ce88d6ccdc606fea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

log
_except_handler3
_onexit
__p__commode
_initterm
memcmp
strtok
_lseek
wcscspn
_adjust_fdiv
_assert
_controlfp
_strnicmp
_XcptFilter
__setusermatherr
_open_osfhandle
__p__fmode
strlen
fflush
__getmainargs
exit
_read
wcslen
_itow
fclose
_acmdln
_stricmp
strchr
memset
_getcwd
__set_app_type

kernel32

VirtualProtect
QueryPerformanceCounter
WaitForSingleObject
CreateProcessW
GetModuleHandleW
GetStartupInfoA
GetModuleHandleA
GetSystemInfo
FreeEnvironmentStringsW
DeviceIoControl
GetWindowsDirectoryA
VirtualFree
LCMapStringA
CreateDirectoryA

ole32

OleInitialize
CoInitializeSecurity
ReleaseStgMedium
IIDFromString
OleSetClipboard
CreateStreamOnHGlobal
CLSIDFromString
CreateBindCtx

gdi32

CopyMetaFileW
GetRegionData
OffsetWindowOrgEx
GetMetaFileBitsEx
CreateFontIndirectW
RectVisible
StretchDIBits
GetBkColor
Polyline
EndPath
CombineRgn

advapi32

RegOpenKeyExW
InitializeSecurityDescriptor
QueryServiceStatus
LookupPrivilegeValueA
SetSecurityDescriptorOwner
RegQueryValueA
RegCreateKeyA
RegEnumKeyA

user32

OffsetRect
WinHelpA
GetIconInfo
SetScrollInfo
IsWindowVisible
SetClipboardData
MapWindowPoints
GetMessageA
GetDesktopWindow
CharNextA
IntersectRect
EqualRect

oleaut32

VariantCopy
SysStringLen
GetErrorInfo
SysReAllocStringLen
SysAllocStringLen
VariantCopyInd
SafeArrayCreate
SysFreeString
SysStringByteLen

version

VerQueryValueA
GetFileVersionInfoSizeW
VerLanguageNameA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
VerInstallFileW
VerFindFileW

comctl32

ImageList_SetIconSize
ImageList_BeginDrag
ImageList_GetBkColor
DestroyPropertySheetPage
ImageList_LoadImageA

shell32

DragAcceptFiles
SHAppBarMessage
ExtractIconW
SHFileOperationA
ExtractIconA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf23f079f51d6566ce88d6ccdc606fea

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

gdi32

advapi32

user32

oleaut32

version

comctl32

shell32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 88KB - Virtual size: 88KB