8b445f0a6441a2dd1ecf6fd9458e18b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b445f0a6441a2dd1ecf6fd9458e18b0_JaffaCakes118
Size

492KB
MD5

8b445f0a6441a2dd1ecf6fd9458e18b0
SHA1

43bc3b44f9f6d90b36d80b688334613d002fbbbd
SHA256

f912f41e149e280e83caca8bdae870c184e6f8e25f669c0e4dbd0c2d6d0da357
SHA512

acf15c5a07663af6197661edab45b55ae438d39ff51e1959b7dc9213fb201e9216637c140e8af83faef68d1a250c3a4d154160054046dc36f70833b64aff8f89
SSDEEP

6144:4nIBJ2mEV7c63qDvn+HGNwIIFMUTAn9kQz43BHCLWBVt37cUf87ByybFQRyqq:vShV71k+HGN06UTQz2r87wymyR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b445f0a6441a2dd1ecf6fd9458e18b0_JaffaCakes118

Files

8b445f0a6441a2dd1ecf6fd9458e18b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ae976d98d7c8e07e9ff0a13690c5ade

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseFontA

user32

DefWindowProcA
ShowWindow
GetDCEx
RegisterClassExA
CreateWindowExW
SendMessageTimeoutW
ScrollDC
RegisterClassA
IsRectEmpty
MessageBoxW
DestroyWindow
SetUserObjectSecurity
TrackPopupMenuEx
wvsprintfW
DdeSetQualityOfService

gdi32

SetAbortProc
GetWinMetaFileBits
GdiPlayDCScript
GetDeviceCaps
ExcludeClipRect
CreatePatternBrush
GetTextMetricsA
GetObjectW
SetWinMetaFileBits
OffsetRgn
GetKerningPairsA
GetCurrentObject
CreateScalableFontResourceA
SetBitmapBits
GetDIBits
SetBitmapDimensionEx
GetCharacterPlacementW
GetClipBox
CreateDCA
StretchDIBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetWindowExtEx
GetObjectA
SetTextColor
DeleteDC
RestoreDC
ExtTextOutA
SetMetaFileBitsEx

advapi32

AbortSystemShutdownA
CryptSetProviderW
RegOpenKeyExW
RegSaveKeyA
LookupAccountNameA
CryptHashData
StartServiceW
InitiateSystemShutdownW
CreateServiceW
RegNotifyChangeKeyValue
CryptSetProvParam
CryptGetKeyParam
LogonUserA
CryptHashSessionKey
LookupPrivilegeValueW
RegReplaceKeyA
RegEnumKeyW
CryptEnumProviderTypesA
RegEnumKeyA
CryptAcquireContextA
RegDeleteKeyA
RegLoadKeyA
CryptVerifySignatureA
DuplicateTokenEx
RegFlushKey

comctl32

CreateUpDownControl
ImageList_Destroy
InitCommonControlsEx
ImageList_Remove
ImageList_Create
ImageList_LoadImageA
DrawInsert
ImageList_SetDragCursorImage
CreatePropertySheetPage
ImageList_GetImageRect
ImageList_Draw
CreateStatusWindowW
_TrackMouseEvent
ImageList_Duplicate
ImageList_SetFilter
ImageList_GetImageInfo
CreatePropertySheetPageW
DrawStatusText
ImageList_Read

kernel32

GetSystemTime
GetLastError
LCMapStringW
GetEnvironmentStrings
GetTimeZoneInformation
InitializeCriticalSection
GetCurrentProcess
GetFileType
GetTickCount
IsBadWritePtr
LoadLibraryA
GetStartupInfoW
GetStringTypeA
CreateMutexA
LeaveCriticalSection
FlushFileBuffers
RtlUnwind
GetCurrentThreadId
UnhandledExceptionFilter
TlsGetValue
GetSystemTimeAsFileTime
HeapFree
GetStartupInfoA
CreateEventW
LockFile
FreeEnvironmentStringsA
GetCPInfo
LCMapStringA
GetProcAddress
TlsSetValue
SetStdHandle
HeapDestroy
QueryPerformanceCounter
CloseHandle
InterlockedExchange
CompareStringA
SetCurrentDirectoryW
WideCharToMultiByte
GetCurrentProcessId
GetLocalTime
DeleteCriticalSection
HeapAlloc
EnterCriticalSection
TlsAlloc
GetModuleFileNameW
ExitProcess
GetCommandLineW
CompareStringW
OpenMutexA
GetStringTypeW
SetEnvironmentVariableA
VirtualAlloc
GetModuleHandleA
TerminateProcess
HeapCreate
GetVersion
TlsFree
WriteFile
HeapReAlloc
GetCommandLineA
GetModuleFileNameA
GetCurrentThread
FreeEnvironmentStringsW
InterlockedIncrement
SetLastError
VirtualFree
MultiByteToWideChar
LockFileEx
VirtualQuery
InterlockedDecrement
SetHandleCount
GetStdHandle
SetFilePointer
ReadFile
GetEnvironmentStringsW

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ae976d98d7c8e07e9ff0a13690c5ade

Headers

File Characteristics

Imports

comdlg32

user32

gdi32

advapi32

comctl32

kernel32

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 208KB - Virtual size: 236KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 208KB - Virtual size: 236KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 16KB - Virtual size: 16KB