8b8679cf856359e51f7a4abe6ac7861c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b8679cf856359e51f7a4abe6ac7861c_JaffaCakes118
Size

228KB
MD5

8b8679cf856359e51f7a4abe6ac7861c
SHA1

78998bbc9860e663c2b592552a0551ecf17ce4d5
SHA256

281f0b25ab9a6875d2ad9d0b8cc10f0842c88e38e1434dce5cae6fe8f51ce647
SHA512

aa99103f4d1a9a02baa8c9abd647e1a08a79ae00df6396b5434897fb0aec1ee73210d82adf0f8e8deb1e04a66bb1fc68a09a30a3cb4044afb331cb0c0a422a03
SSDEEP

6144:HS+PvfzFCNUU6ed+BlUAkhh/JzooQWe6ipFJxv1hMkE:RPzoT7+kPbQp6KFhukE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b8679cf856359e51f7a4abe6ac7861c_JaffaCakes118

Files

8b8679cf856359e51f7a4abe6ac7861c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4bb7b058dc4f7fb0d50d43573c2e4e52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CallNamedPipeA
CloseHandle
CreateThread
CreateToolhelp32Snapshot
DeleteFileW
ExitProcess
GetDefaultCommConfigW
GetFullPathNameW
GetMailslotInfo
GetOEMCP
GetPrivateProfileIntA
GetProcAddress
GetProfileStringW
GetShortPathNameA
GetThreadPriority
GetVolumeInformationA
GlobalAddAtomA
GlobalReAlloc
LCMapStringA
PeekConsoleInputA
ReadConsoleInputW
ResetEvent
SetFileApisToOEM
SetSystemTime
Thread32Next
VerLanguageNameA
VirtualAllocEx
WriteProfileStringW
_lwrite
lstrlen

user32

AdjustWindowRect
ChangeDisplaySettingsExA
CopyIcon
CountClipboardFormats
CreateIcon
DefDlgProcW
DefWindowProcA
DlgDirListA
DrawMenuBarTemp
GetCaretBlinkTime
GetClipboardSequenceNumber
GetDlgCtrlID
GetDlgItemTextA
GetMonitorInfoW
GetPropA
HideCaret
InsertMenuW
IsCharLowerA
LoadBitmapW
LockWindowUpdate
ModifyMenuW
MsgWaitForMultipleObjects
SendNotifyMessageA
SetMessageQueue
SetScrollInfo
SetWindowPos
TranslateAcceleratorW

gdi32

AbortDoc
BeginPath
CreateColorSpaceW
CreateICW
CreateRectRgn
CreateRectRgnIndirect
EnumMetaFile
ExtEscape
FixBrushOrgEx
GdiGetBatchLimit
GetBrushOrgEx
GetCharWidth32A
GetCharacterPlacementW
GetClipBox
GetCurrentObject
GetCurrentPositionEx
GetEnhMetaFileA
GetGraphicsMode
GetKerningPairsA
OffsetRgn
PtInRegion
RemoveFontResourceA
SetAbortProc
SetArcDirection
SetBkMode
SetPolyFillMode
SetTextJustification
UpdateICMRegKeyW

Sections

.text
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 226KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bb7b058dc4f7fb0d50d43573c2e4e52

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 8KB

.data Size: 226KB - Virtual size: 236KB

.rdata Size: - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 208KB

.text
Size: 512B - Virtual size: 8KB

.data
Size: 226KB - Virtual size: 236KB

.rdata
Size: - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 208KB