8b023b7b0e95a7e5923b7ec8d6fe4024_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b023b7b0e95a7e5923b7ec8d6fe4024_JaffaCakes118
Size

197KB
MD5

8b023b7b0e95a7e5923b7ec8d6fe4024
SHA1

778958a3840c6d87c28706beb82d6488b1ed268d
SHA256

8e6f4f7d84a66a7a01cd6160a02c0d92db5fd7f9ab0ad5020acfa71736baddf9
SHA512

1c400408da9e3dfb6e437fe5a927467837ca5bd44eb3383825acffea525e4f3c885b91a1a1567cede135f810c12f7a2e50b29150bbd9834772397a37ba9ac64d
SSDEEP

3072:0RkK8k6AumbfJUpwfk3NmJK7j7vbdADeFu60prZda5faPDP3JMAK1OKsVl/B:u5SSbRUG6N//zdZSptda5I9M2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b023b7b0e95a7e5923b7ec8d6fe4024_JaffaCakes118

Files

8b023b7b0e95a7e5923b7ec8d6fe4024_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec11d8329c95697380fb4c5ca4a9656a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenClipboard
MessageBoxA
SetWindowTextW
DestroyMenu
GetWindowWord
CloseDesktop
PostMessageA
GetWindowThreadProcessId
IsWindow
EmptyClipboard
TranslateMessage
CharUpperW
PeekMessageW
GetMessageW
IsClipboardFormatAvailable
UpdateWindow
SetKeyboardState
GetKeyboardLayout
GetWindow
MapVirtualKeyW
CharUpperBuffW
GetActiveWindow
GetWindowLongW
MonitorFromWindow
SetWindowsHookExW
SendMessageW
GetForegroundWindow
DispatchMessageA
GetTopWindow
SetWindowWord
MonitorFromPoint
IsRectEmpty
MonitorFromRect
EnumDisplayMonitors
PostMessageW
InvalidateRgn
CloseClipboard
GetSystemMenu
UnionRect
CreateCaret
ScreenToClient
GetCursor
UnhookWindowsHookEx
SetCaretPos
ExcludeUpdateRgn
RegisterClassW

ntdll

NtQuerySystemTime
ZwQueryInformationProcess
RtlCompareUnicodeString
NtOpenJobObject
NtSetSystemInformation
NtReadFile
RtlCompareMemory
ZwQueryInformationPort

kernel32

FlushViewOfFile
InterlockedDecrement
LoadLibraryA
CreateFileW
QueryPerformanceCounter
EnumSystemLocalesA
SetEvent
SetLastError
SystemTimeToFileTime
GetFileAttributesA
HeapSize
Sleep
GetStringTypeA
TlsAlloc
SetProcessAffinityMask
GetTimeZoneInformation
GetCurrentThreadId
LocalAlloc
GetUserDefaultLCID
GetTempPathA
GetModuleHandleA
FreeEnvironmentStringsW
CloseHandle
FreeEnvironmentStringsA
SetHandleCount
CreateEventA
RaiseException
GetFileSizeEx
InitializeCriticalSection
TryEnterCriticalSection
CreateToolhelp32Snapshot
Module32First
VirtualProtect
GetLocaleInfoW
GetSystemDirectoryA
SetFileAttributesA
CreateThread
GetNumberOfConsoleInputEvents
LeaveCriticalSection
IsValidLocale
GetCurrentProcess
CloseHandle

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec11d8329c95697380fb4c5ca4a9656a

Headers

DLL Characteristics

File Characteristics

Imports

user32

ntdll

kernel32

Sections

.text Size: 154KB - Virtual size: 154KB

.data Size: 40KB - Virtual size: 39KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 154KB - Virtual size: 154KB

.data
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 2KB - Virtual size: 4KB