8b4eae8fed579464d3f65d37b9feecd2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b4eae8fed579464d3f65d37b9feecd2_JaffaCakes118
Size

588KB
MD5

8b4eae8fed579464d3f65d37b9feecd2
SHA1

36ce09a7861f205b8ebc19ea39d21f35c54977f4
SHA256

16aeb9027f80e05a100f943898eab72835186493a61d60e8194f761d1772c219
SHA512

d64277088ccee6d225c5d42d84a110ae1dc5ce0d9bc2d2ef3bbca0127bbd9a3eedabf972c2ef12c904d9bfecbd0282deb079651e009d7b064281409db728b679
SSDEEP

12288:kELF2eihCcf7utBMqjXjNFhw0TplwSLyN4ffjlZ8:kELIeiDfit26X1/QSLyNcfjly

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b4eae8fed579464d3f65d37b9feecd2_JaffaCakes118

Files

8b4eae8fed579464d3f65d37b9feecd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c38a7c7c723d680429a24eab8c2264c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

comctl32

ImageList_Add
ImageList_SetFlags
ImageList_LoadImageA
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_SetBkColor
ImageList_Replace
ImageList_BeginDrag
ImageList_GetIcon
ImageList_EndDrag
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_GetImageCount
CreatePropertySheetPage
ImageList_DragShowNolock
ImageList_AddMasked
DrawStatusTextW
InitCommonControlsEx
ImageList_GetIconSize
MakeDragList
DrawStatusTextA

kernel32

EnumDateFormatsW
CommConfigDialogW
OpenProcess
GetCurrentThreadId
FileTimeToLocalFileTime
SetConsoleCtrlHandler
Sleep
WriteFile
IsDebuggerPresent
GetSystemTimeAsFileTime
LeaveCriticalSection
ReadFile
GetLocaleInfoW
GetDateFormatA
GetACP
HeapCreate
TlsSetValue
GetTimeFormatA
VirtualFreeEx
WriteConsoleW
IsValidCodePage
HeapFree
CreateDirectoryExA
GetCurrentThread
GetStartupInfoW
CreateProcessA
InterlockedExchange
SetEvent
FlushInstructionCache
VirtualQuery
WriteConsoleA
CompareStringW
GetEnvironmentStringsW
GetCurrentProcess
ReleaseSemaphore
SetThreadPriority
EnumResourceTypesW
GetDriveTypeA
CreateFileA
OpenMutexA
GetUserDefaultLCID
GetConsoleMode
GetCommandLineW
GetTickCount
EnumResourceNamesA
SetEnvironmentVariableA
GetProcessHeap
SetLastError
EnumTimeFormatsW
InterlockedIncrement
GetStringTypeA
GetStdHandle
QueryPerformanceCounter
FreeLibrary
SetConsoleMode
GetVersionExW
CreateMutexA
RemoveDirectoryW
ReleaseMutex
SetFilePointer
WideCharToMultiByte
GetOEMCP
CloseHandle
LoadLibraryA
CompareStringA
UnhandledExceptionFilter
HeapReAlloc
TerminateProcess
GetModuleHandleA
GetConsoleOutputCP
TlsGetValue
HeapSize
ExitProcess
MultiByteToWideChar
LocalUnlock
GetVersionExA
GetStringTypeW
GetCurrentProcessId
GetConsoleCP
LCMapStringA
WriteConsoleOutputA
GetCPInfo
InterlockedDecrement
GetCommandLineA
SetConsoleTitleA
GetTempPathW
TransactNamedPipe
GlobalFindAtomA
GetEnvironmentStrings
RtlUnwind
TlsAlloc
GetLocaleInfoA
GetThreadTimes
HeapAlloc
SetStdHandle
VirtualAlloc
InitializeCriticalSection
LCMapStringW
GetPrivateProfileStructW
FlushFileBuffers
ReadConsoleA
RaiseException
HeapDestroy
GetStartupInfoA
GetFileType
GetAtomNameA
SetUnhandledExceptionFilter
GetLastError
DeleteCriticalSection
EnterCriticalSection
LocalCompact
GetModuleFileNameA
GetTimeZoneInformation
WriteConsoleOutputCharacterA
GetCurrencyFormatA
FreeEnvironmentStringsW
IsValidLocale
EnumSystemLocalesA
VirtualFree
TlsFree
FreeEnvironmentStringsA
SetHandleCount
GetModuleFileNameW
GetProcAddress

advapi32

RegRestoreKeyA
RegOpenKeyW
CryptDestroyHash
RegDeleteKeyW
RegReplaceKeyW
RegQueryMultipleValuesW
GetUserNameA
RegSetKeySecurity
LookupAccountSidW
CryptEnumProvidersW
RegEnumKeyExW
CryptSetProviderExW
RegDeleteValueA
RegQueryValueW
CryptDecrypt
LogonUserW
CryptGenKey
GetUserNameW
RegQueryValueA
CryptDeriveKey

comdlg32

GetFileTitleA
LoadAlterBitmap

gdi32

SetBoundsRect
DeviceCapabilitiesExW
GetEnhMetaFileA
GetDCOrgEx
CreateEllipticRgn
PlayMetaFileRecord
SetPolyFillMode
CreateDCA
gdiPlaySpoolStream
GetObjectA
EndPage
CopyEnhMetaFileA
EnumMetaFile
GdiPlayScript
DeviceCapabilitiesExA
SetTextColor
EndPath
PolyPolygon
CombineTransform
SetICMProfileW
ResizePalette
DeleteDC
GetMetaRgn
GetEnhMetaFileDescriptionA
IntersectClipRect
GetDeviceCaps
DeleteObject

user32

DestroyWindow
SetProcessDefaultLayout
LoadIconW
GetKeyboardType
RegisterClassExA
GetClipCursor
IsMenu
SetRectEmpty
RegisterClassA
MessageBoxW
ShowWindow
PostMessageW
SetUserObjectSecurity
IsCharUpperA
GetMenu
DefWindowProcA
DefFrameProcW
DeleteMenu
SendMessageA
EnumPropsExA
TranslateMDISysAccel
SetShellWindow
CreateWindowExW
SetWindowTextA
GetListBoxInfo

wininet

InternetWriteFileExW
RetrieveUrlCacheEntryFileW

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c38a7c7c723d680429a24eab8c2264c

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

advapi32

comdlg32

gdi32

user32

wininet

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 116KB - Virtual size: 144KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 116KB - Virtual size: 144KB

.rsrc
Size: 20KB - Virtual size: 19KB