8b0d963a0c289ed0baba6f03d0721448_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b0d963a0c289ed0baba6f03d0721448_JaffaCakes118
Size

134KB
MD5

8b0d963a0c289ed0baba6f03d0721448
SHA1

c22b1ed68f3fbb9cc81fd9121849a1318d6ab528
SHA256

f7f1acd41684ba9ef2ee7f361fe2750ff6eb01e55f09af08b4bb6f15d7cebc63
SHA512

8468d45ffc845a33b1fe0a1a1b9914cd6a7f3578e964822ad084c4eed954e7ef87e7b360e6ab28fdf85e52d0578da536a5529ac146f218b2afcb1b1603362e79
SSDEEP

3072:w+TB0DDBEbq39WwGUHACZYOF4ZCZwhS6a3QeqHkRh:wKBQEq/9H/ZPDDqH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b0d963a0c289ed0baba6f03d0721448_JaffaCakes118

Files

8b0d963a0c289ed0baba6f03d0721448_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a1d380381421cdec337fc6ec0aab128

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
GetComputerNameA
CloseHandle
SizeofResource
lstrlenW
SetEvent
VirtualQuery
GetModuleHandleA
InitializeCriticalSection
lstrcpyA
TerminateThread
TerminateProcess
WaitForMultipleObjects
GetCommandLineA
GetACP
CreateFileMappingA
UnmapViewOfFile
GetCurrentProcessId
CreateFileMappingA
MapViewOfFile
GlobalFree
FileTimeToLocalFileTime
TryEnterCriticalSection
GetTimeZoneInformation
LoadResource
QueryPerformanceCounter
GetDateFormatA
EnumCalendarInfoA
GlobalMemoryStatus
GetProfileIntA
FlushInstructionCache

gdi32

EnumFontsA
BitBlt
GetCurrentPositionEx
CreateCompatibleBitmap
CopyEnhMetaFileA
SetTextCharacterExtra
GetTextAlign
IntersectClipRect
CreateHalftonePalette
SetTextAlign
SetBkMode
RectVisible
GetBitmapBits
GetFontLanguageInfo
CreatePen
GetTextColor
CreateFontIndirectA

wininet

InternetGetLastResponseInfoA
InternetAttemptConnect
FtpOpenFileA
InternetSetOptionA
InternetCombineUrlA

user32

ReleaseDC
OffsetRect
GetClassInfoW
DefFrameProcA
ClientToScreen
CopyImage
SetWindowRgn
IsRectEmpty
GetDC
ScreenToClient
GetWindowTextA
SetParent
IsZoomed
DestroyWindow
DispatchMessageA
ClipCursor
CreateCaret
GetDesktopWindow
RemovePropA
CreateMenu
EnableScrollBar
IsIconic
TranslateMessage
SetWindowLongW
GetSystemMetrics
ValidateRect
DestroyCaret
GetCursor
SetScrollPos

ole32

CoCreateInstance
OleInitialize
CreateStreamOnHGlobal
OleUninitialize

oleaut32

GetErrorInfo
CreateErrorInfo
VariantClear
VariantChangeType
GetActiveObject

comdlg32

FindTextA
ChooseColorA

version

GetFileVersionInfoSizeA

comctl32

ImageList_BeginDrag
ImageList_Remove
ImageList_ReplaceIcon

advapi32

SetSecurityDescriptorDacl
RegQueryInfoKeyA
RegDeleteKeyA
GetUserNameA
RegEnumKeyExA

msdaimsg

_FDnorm
_FExp
_FNan
_LDscale
_Stof
_FEps
_Mbrtowc

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a1d380381421cdec337fc6ec0aab128

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

wininet

user32

ole32

oleaut32

comdlg32

version

comctl32

advapi32

msdaimsg

shell32

Sections

.text Size: 99KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 28KB - Virtual size: 28KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 99KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 3KB - Virtual size: 4KB