8b544e407cdd47e820518d6306ff6970_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b544e407cdd47e820518d6306ff6970_JaffaCakes118
Size

173KB
MD5

8b544e407cdd47e820518d6306ff6970
SHA1

f6eaf33b42589fe44540ba96c69b9cc403f77a17
SHA256

a3f0d429e2fb8461434c8da49182e0d5ac07e94a218a4a9d5d1e270c8621470a
SHA512

b23811e939acc515c03ca66dfebda637b64624032147c23a1d581d5c5972f38b86d0cb7606eb682c6ef1b8d2b5113ee06e35de161e8eab850678ff43ef4686a7
SSDEEP

1536:ZAnsUFInJkFBin4TQN2LsCnA3hvsHpgijm7Dsb2CgDbql2:ZKsUWd48kLsCnA3hvsJgpPsb+Db02

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b544e407cdd47e820518d6306ff6970_JaffaCakes118

Files

8b544e407cdd47e820518d6306ff6970_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2b4c7906011e9078a3cae63473d44cad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetLastError
lstrcmpiW
GetLastError
InterlockedDecrement
LeaveCriticalSection
WriteFile
InterlockedIncrement
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
HeapFree
VirtualAlloc
LocalAlloc
GetProcessHeap
Sleep
InterlockedIncrement
EnterCriticalSection
SetLastError
GetCommandLineW
HeapAlloc
GetACP
VirtualAlloc
CloseHandle
WaitForSingleObject
GetProcessHeap
GetModuleHandleW
GetProcAddress
QueryPerformanceCounter
SetFilePointer
EnterCriticalSection
GetCommandLineA
SetUnhandledExceptionFilter
LeaveCriticalSection
GetModuleHandleA
WriteFile
GetProcAddress

user32

GetWindowLongW
GetSystemMenu
CopyRect
KillTimer
DestroyIcon
GetSubMenu
CharNextW
GetSystemMetrics
IsWindow
GetDC
UpdateWindow
MoveWindow
IsWindowVisible
DestroyMenu
InvalidateRect
RegisterClassExW
wsprintfA
MoveWindow
RegisterClassExW
ShowWindow
MessageBoxA
MessageBoxA
GetKeyState
IsWindow

advapi32

InitializeSecurityDescriptor
RegEnumValueW
OpenProcessToken
RegQueryInfoKeyW
AllocateAndInitializeSid
RegCreateKeyExA
RegCloseKey
SetSecurityDescriptorDacl
RegCreateKeyExW
RegDeleteKeyW
CloseServiceHandle
AdjustTokenPrivileges
SetSecurityDescriptorDacl
RegCreateKeyExA
RegDeleteValueW
RegDeleteValueW

gdi32

SelectObject
DeleteDC
GetTextMetricsW
LineTo
CreateBitmap
GetTextMetricsW
CreateBitmap
ExtTextOutW
StretchBlt
MoveToEx
GetStockObject
GetDeviceCaps
CreateCompatibleDC
ExtTextOutW
SetBkMode
SetBkMode
PatBlt
StretchBlt

Sections

Size: 141KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b4c7906011e9078a3cae63473d44cad

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

Size: 141KB - Virtual size: 156KB

Size: 2KB - Virtual size: 4KB

Size: 8KB - Virtual size: 7KB

Size: 1024B - Virtual size: 4KB

Size: 2KB - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 3KB - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 1024B - Virtual size: 4KB