8b48320333df4dbfefc90a9d117e808d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b48320333df4dbfefc90a9d117e808d_JaffaCakes118
Size

74KB
MD5

8b48320333df4dbfefc90a9d117e808d
SHA1

13e05796ae2ba0e69712ec53a917572a3ac467d7
SHA256

87847626d1da21f0c3dcdaef794bbdf5a6a746b0865f7968019fdf04ce8437d5
SHA512

8dbe042d837e36ab1f2a3d2283c184b12ee911aaddc0fce472e3e637dbdd902b490b8dea06d589425ada3c0ab2841205b0f3c60c20f82a8831b67823ede02f11
SSDEEP

1536:D3po4KgkGNKN0DhjcTXkef/rLKx6RLvT6HNqm:D3pj4N0DhjQf/rOx6R7TqNx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b48320333df4dbfefc90a9d117e808d_JaffaCakes118

Files

8b48320333df4dbfefc90a9d117e808d_JaffaCakes118
.exe windows:6 windows x86 arch:x86

2c55cd610f203288f75a6b189e3f7bf2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
UnhandledExceptionFilter
GetVersionExA
VirtualFree
GetCurrentProcessId
GetTickCount
SetFilePointer
GetCurrentProcess
QueryPerformanceCounter
SleepEx
lstrcpyW
QueryPerformanceCounter
GetCommandLineW
InterlockedIncrement
LocalFree
VirtualAlloc
SetLastError
GetModuleHandleA
HeapDestroy
GetCommandLineA
SetUnhandledExceptionFilter
GetACP
SetEvent
HeapReAlloc
GetCommandLineA
lstrcpyW
HeapAlloc
GetStartupInfoW
GetStartupInfoA
lstrcmpiW

shell32

SHGetDesktopFolder
ExtractIconW
SHGetDesktopFolder
SHGetDesktopFolder
Shell_NotifyIconW
ShellExecuteExW
ShellExecuteExW
SHGetPathFromIDListW
CommandLineToArgvW
ExtractIconW
ShellAboutW
DragAcceptFiles
SHGetSpecialFolderPathW
ExtractIconExW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderPathW
DragFinish
SHGetFolderPathW
DragAcceptFiles
SHGetFileInfoW
SHGetSpecialFolderLocation
ExtractIconW
SHGetMalloc
Shell_NotifyIconW
SHGetFileInfoW
SHGetMalloc
DragFinish
DragQueryFileW

advapi32

RegOpenKeyExA
FreeSid
RegDeleteValueW
InitializeSecurityDescriptor
FreeSid
GetTokenInformation
GetTokenInformation
RegCloseKey
AdjustTokenPrivileges
RegEnumKeyExW
InitializeAcl
RegCloseKey
GetLengthSid
CloseServiceHandle
RegDeleteValueW
RegOpenKeyW
OpenProcessToken
RegSetValueExA
OpenThreadToken
RegQueryValueExA
SetSecurityDescriptorDacl
RegQueryValueExW
OpenThreadToken
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW
AddAccessAllowedAce
RegCloseKey
RegEnumKeyExW

gdi32

GetDeviceCaps
PatBlt
TextOutW
SetTextColor
CreateCompatibleDC
BitBlt
SelectObject
GetStockObject
ExtTextOutW
CreateFontIndirectW
GetStockObject
CreateCompatibleDC
GetTextMetricsW
TextOutW
DeleteDC
PatBlt
GetTextMetricsW
DeleteObject
LineTo
CreateCompatibleDC
BitBlt
SetBkColor
SetTextColor
GetStockObject
CreateSolidBrush
GetObjectW
GetTextExtentPoint32W
LineTo
CreateFontIndirectW
DeleteObject

user32

PostMessageW
GetWindowTextW
GetDC
DefWindowProcW
GetKeyState
CreateWindowExW
GetSubMenu
GetSysColor
GetWindowLongW
GetSubMenu
GetCaretPos
CheckDlgButton
GetWindowRect
ReleaseDC
GetKeyState
LoadStringW
DestroyWindow
WinHelpW
GetSystemMetrics
SetForegroundWindow
IsWindowVisible
ReleaseDC
EndDialog
GetSubMenu
CopyRect
GetWindowTextW
SetCapture
MapWindowPoints
SendMessageW
OffsetRect

Exports

Exports

XqYoSYGROVJYDQ
XEMiqGBKukG
rGTTVfLFf
PfZxTKGAZTdXs
IKcOCJP
MRsWVECwMODE
hlDVXkJUjV
TDiXMNex
AFMRIQ

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c55cd610f203288f75a6b189e3f7bf2

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

gdi32

user32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 39KB - Virtual size: 40KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 100KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 39KB - Virtual size: 40KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 100KB

.reloc
Size: 512B - Virtual size: 4KB