8b600c681934468d90d744c813ede244_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b600c681934468d90d744c813ede244_JaffaCakes118
Size

431KB
MD5

8b600c681934468d90d744c813ede244
SHA1

88526c50be8c7d298fb1f9b3c78bebab5dc93021
SHA256

fbb83f3abf3cb5468744772bc30748c0443c652ed252c5aa7b211d9f455e17e7
SHA512

16552117b09a9ae963f1717330daf254c513eb579dd5ba16b29afac74630612870346ba8fe17732d0290102a72e956b591c155a0fdc4400edd201c58c02c4197
SSDEEP

12288:lP4i/NbfK//OK/OIXVxdE2WFVg4cLpsP5JRyC7:lP4QKqIFHE2RvL25yC7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b600c681934468d90d744c813ede244_JaffaCakes118

Files

8b600c681934468d90d744c813ede244_JaffaCakes118
.exe windows:4 windows x86 arch:x86

918d98fba1c6fb577795682ee804fe4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CancelDC
SaveDC
GetCurrentPositionEx
GetBkMode
CreateColorSpaceA
SetLayout
GetTextMetricsA
GetObjectType
SetLayout
gdiPlaySpoolStream
SetMapMode
GetClipBox
CreateICA
SetMapperFlags
SetGraphicsMode
GetSystemPaletteUse
OffsetWindowOrgEx
EnumObjects
GetStretchBltMode
CreateICW
GetTextCharset
GetAspectRatioFilterEx
GetRegionData
GetObjectA
GetROP2
GetMiterLimit

kernel32

GetPrivateProfileIntW
lstrcmpW
GetProcessHeap
VirtualFree
SetWaitableTimer
PrepareTape
lstrcmpA
MapViewOfFile
GetHandleInformation
LocalUnlock
GetTempFileNameW
ExitProcess
HeapFree
GetLastError
GetStartupInfoW
lstrcmpiA
GetLocalTime
LocalFlags
CreateMailslotW
GetDriveTypeW
GetModuleHandleW
GetFileTime
TlsFree
GetThreadSelectorEntry
GetModuleHandleA
SetConsoleCP
UpdateResourceW
SetErrorMode
GetFileAttributesExW
lstrcmpiW
FindAtomW
ReadFile
GetStdHandle
VirtualAllocEx
lstrlenA
lstrcmp
GetBinaryType
_lwrite
GetVolumeInformationA
PeekConsoleInputW
LocalLock
GetACP
EnumSystemLocalesW
GetCommandLineW
SetCurrentDirectoryA

user32

GetKeyboardState
GetInputDesktop
CheckDlgButton
GetKeyNameTextA
PostThreadMessageA
keybd_event
PostMessageA
EnumDisplaySettingsW
WinHelpA
ModifyMenuA
WaitMessage
SetClipboardViewer
IsDialogMessageA
CopyRect
SetClassWord
DefWindowProcW
GetWindowLongW
GetMenuInfo
DefFrameProcA
DlgDirSelectComboBoxExW
SetClassLongA
EnableScrollBar
IsDialogMessageW
SetClassLongW
SendMessageCallbackW
CreateAcceleratorTableW
ImpersonateDdeClientWindow

msvcrt

_ismbclegal
mblen
_ismbchira
strlen
isleadbyte
toupper
strspn
__p__wpgmptr
_endthreadex
_CItanh
fgetwc
_adj_fdiv_m16i
_tzset
wcsftime
_umask
fputwc
_ismbbkalnum
_itoa
_winmajor
_getsystime
feof
_wspawnlp
strpbrk
_ismbcpunct
_CIsin
_rmtmp
_getdiskfree
_dup2

advapi32

RegQueryValueExW
RegCloseKey
GetNamedSecurityInfoExA
RegFlushKey
MapGenericMask
CryptGetDefaultProviderW
RegQueryMultipleValuesW
AbortSystemShutdownA
CryptEncrypt
RegQueryMultipleValuesA
CryptHashSessionKey
ChangeServiceConfigA
EnumServicesStatusA
CryptSetHashParam
RegDeleteKeyW

Sections

.text
Size: 275KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gmivr
Size: 77KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fcb
Size: 77KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

918d98fba1c6fb577795682ee804fe4e

Headers

File Characteristics

Imports

gdi32

kernel32

user32

msvcrt

advapi32

Sections

.text Size: 275KB - Virtual size: 276KB

.gmivr Size: 77KB - Virtual size: 83KB

.fcb Size: 77KB - Virtual size: 1.0MB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 275KB - Virtual size: 276KB

.gmivr
Size: 77KB - Virtual size: 83KB

.fcb
Size: 77KB - Virtual size: 1.0MB

.reloc
Size: 1024B - Virtual size: 1KB