8b948c39cfdb6436f817a0545508d354_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b948c39cfdb6436f817a0545508d354_JaffaCakes118
Size

326KB
MD5

8b948c39cfdb6436f817a0545508d354
SHA1

d0a3c7fcb3f38b9235bdab21a634b20742514359
SHA256

d52057096fa9648a19bebfba3a957946e389e2e4f2224a323cdc8ef6133d6cf9
SHA512

769e8afc98485e4d936012489159911bb3efa100d6423d0839bab46a1df5e2577a9ea3ef5c1f5b17b0b4810a1e3ac7af15e15f5375b6a190e8b7d604d7b6be96
SSDEEP

6144:bQzvymfFym9/DJ3qR/FgdEtlTU37SscnbdVdPvj:szvyA/DCpU37LcbrdPr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b948c39cfdb6436f817a0545508d354_JaffaCakes118

Files

8b948c39cfdb6436f817a0545508d354_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7aee9af4ed65e19eb1ae1b7f3f41ee42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueA
RegQueryValueExA
RegOpenKeyA
RegQueryValueA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA

comctl32

ord17
CreateToolbarEx
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_AddMasked
ImageList_Create
PropertySheetA
ImageList_Draw

crtdll

strrchr

gdi32

GdiSetBatchLimit
GetTextMetricsA
CombineRgn
CreateRectRgnIndirect
GdiFlush
RealizePalette
GetSystemPaletteEntries
SelectPalette
TextOutA
SelectObject
SetTextColor
SetBkMode
SetTextAlign
CreateSolidBrush
BitBlt
DeleteObject
GetStockObject
CreateFontIndirectA
GetDeviceCaps
GetObjectA
CreatePen
GetTextExtentPointA
LineTo
MoveToEx
CreateCompatibleDC
DeleteDC
SetBkColor
GetDIBits
CreateBitmap
GetPaletteEntries
CreateDIBSection
SetPixel
GetPixel
CreateDIBitmap
CreateCompatibleBitmap
GetTextExtentPoint32A
CreateHalftonePalette
CreatePalette
CreateFontA
Rectangle
TextOutW
ExtTextOutA
SetROP2
GetTextCharset
TranslateCharsetInfo

kernel32

lstrlenA
GetTickCount
lstrcmpA
ExitProcess
GetModuleHandleA
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
SetThreadPriority
CreateThread
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
FindCloseChangeNotification
FindFirstChangeNotificationA
FindNextChangeNotification
TerminateThread
GetExitCodeThread
WaitForSingleObject
lstrcpyA
WinExec
FindClose
FindFirstFileA
MoveFileA
lstrcatA
IsBadReadPtr
lstrcpynA
lstrcmpiA
GetVersionExA
SetProcessWorkingSetSize
GetCurrentProcess
Sleep
LockResource
LoadResource
FindResourceExA
SetLastError
WideCharToMultiByte
MulDiv
DeleteFileA
CloseHandle
WriteFile
CreateFileA
OpenFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateDirectoryA
GetPrivateProfileSectionA
GetWindowsDirectoryA
SearchPathA
LoadLibraryExA
GetFileAttributesA
GetSystemTime
GetTempFileNameA
MultiByteToWideChar
FindNextFileA
SystemTimeToFileTime
GetDriveTypeA
GetCurrentProcessId
SetEnvironmentVariableA
CreateProcessA
GetSystemDirectoryA
CompareStringA
GetUserDefaultLCID
GetModuleFileNameA
CopyFileA
FindResourceA
RemoveDirectoryA
GlobalSize
GetSystemDefaultLCID
GetACP

shell32

ShellExecuteA
DragFinish
DragQueryFileA
SHFileOperationA
ExtractIconA
DragAcceptFiles

user32

ReleaseDC
GetDC
UpdateWindow
GetDesktopWindow
DestroyWindow
SetForegroundWindow
ShowWindow
IsIconic
PostMessageA
SendMessageTimeoutA
IsWindowVisible
GetWindowTextA
GetWindowTextLengthA
IsWindow
UnregisterClassA
CharNextA
CharPrevA
MessageBoxA
EnumWindows
RegisterClassA
SetWindowLongA
DeleteMenu
GetSystemMenu
CreateWindowExA
LoadCursorA
LoadIconA
TranslateAcceleratorA
DispatchMessageA
TranslateMessage
GetMessageA
LoadAcceleratorsA
MsgWaitForMultipleObjects
DefWindowProcA
SendMessageA
PostQuitMessage
PeekMessageA
GetPropA
GetParent
InvalidateRect
GetClientRect
GetAsyncKeyState
GetDlgItem
ScreenToClient
WinHelpA
GetSystemMetrics
GetWindowRect
MessageBeep
wsprintfA
GetMessagePos
GetWindowLongA
GetWindowThreadProcessId
GetWindow
InvalidateRgn
SetCursor
GetCapture
SetCapture
PtInRect
MapWindowPoints
ReleaseCapture
WindowFromPoint
GetCursorPos
SetWindowPos
DrawEdge
FillRect
GetSysColor
EndPaint
ValidateRect
BeginPaint
SetTimer
GetKeyState
GetWindowDC
GetForegroundWindow
GetActiveWindow
KillTimer
RemovePropA
SetPropA
RegisterWindowMessageA
GetMessageTime
LockWindowUpdate
SystemParametersInfoA
DestroyIcon
SetWindowTextA
LoadImageA
SetActiveWindow
EnableMenuItem
LoadStringA
EndDialog
LoadBitmapA
IsCharAlphaA
IsCharAlphaNumericA
SendDlgItemMessageA
SetFocus
CallWindowProcA
EnableWindow
CheckDlgButton
IsDlgButtonChecked
DrawFocusRect
DialogBoxParamA
DialogBoxIndirectParamA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemCount
CharLowerA
DestroyMenu
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetDoubleClickTime
MoveWindow
GetDCEx
IsWindowEnabled
GetMenuItemID
WinHelpW

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7aee9af4ed65e19eb1ae1b7f3f41ee42

Headers

File Characteristics

Imports

advapi32

comctl32

crtdll

gdi32

kernel32

shell32

user32

version

Sections

.text Size: 132KB - Virtual size: 132KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 31KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 168KB - Virtual size: 168KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 132KB - Virtual size: 132KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 31KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 168KB - Virtual size: 168KB

.reloc
Size: 11KB - Virtual size: 10KB