8bdb1ea0bb84b90812e88006143cd6e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8bdb1ea0bb84b90812e88006143cd6e6_JaffaCakes118
Size

36KB
MD5

8bdb1ea0bb84b90812e88006143cd6e6
SHA1

852dfb3ad770b732a205283b14c7f970c2f9c9f5
SHA256

42906d289e16f0a2bbbc4a89dd5a619216c5a7b0b78b43d3ea7f2fd8881b489b
SHA512

63f739cf9df469c947c6a45ab107bec9b0f088f35caa50d143c450a062cc03ccf7ac57246f6b28f1bef161ba304bf44ff2e5d5d90bd74aa2b1633ca4e9e2bf43
SSDEEP

768:mAsFj3iwgHWkkF/EwXbgWpBZcURv92ulB23CN:mAISw1F/FbgWvCURv92um

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bdb1ea0bb84b90812e88006143cd6e6_JaffaCakes118

Files

8bdb1ea0bb84b90812e88006143cd6e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4eebbfd99b6e84fcd80f0f7e6a69ae1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DPtoLP
GetLogColorSpaceA
SelectClipPath
EndDoc
GetObjectA
GetGraphicsMode
RoundRect
EnumFontFamiliesW
GetObjectType
GetRgnBox
DeleteObject
SetWindowOrgEx
FillRgn
GetViewportExtEx
GetObjectW
SetBkMode
SetViewportOrgEx
CancelDC
GetTextMetricsA
GetMiterLimit
GetTextMetricsW
CreateMetaFileA
GetMetaRgn
BeginPath
GetViewportOrgEx
SwapBuffers

user32

DlgDirListComboBoxW
GetPropA
SetLastErrorEx
CharUpperW
ChangeDisplaySettingsExW
MessageBoxW
GetWindowInfo
WINNLSEnableIME
IMPQueryIMEA
GetScrollInfo
GetClipboardData
CreateWindowExA
MsgWaitForMultipleObjectsEx
CharPrevExA
FindWindowA
GrayStringW
SetMenuContextHelpId
DdeCmpStringHandles
GetComboBoxInfo
LoadBitmapW
CreateDialogIndirectParamA
CopyImage
AdjustWindowRectEx
CharToOemA
SetClassWord
MonitorFromRect
RegisterLogonProcess
DlgDirListW
DdeAbandonTransaction
InSendMessage
SetShellWindow
GetSysColor

advapi32

GetUserNameA
RegEnumValueW
CryptSetProviderExA
RegRestoreKeyW
ReadEventLogA
GetNamedSecurityInfoExA
GetUserNameW
RegOpenKeyA
GetSecurityDescriptorLength
RegOpenKeyW
FreeSid
ConvertSecurityDescriptorToAccessA
ConvertSecurityDescriptorToAccessNamedA

ole32

CreateErrorInfo
SetDocumentBitStg
CreateAntiMoniker
CoGetCallerTID
CoRegisterMessageFilter
PropVariantClear
CoInitialize
CreateDataAdviseHolder
OleCreateFromFileEx
RegisterDragDrop
HBRUSH_UserUnmarshal
HMETAFILE_UserFree

msvcrt

_dup2
feof
wcslen
_popen
_mbsnbicoll
fwscanf
atof
_wsetlocale
__p___argc
_wtoi
__p__amblksiz
_wcsicmp
__p__mbctype
_wspawnle
_strnicmp
_wspawnlpe
fputwc
__pxcptinfoptrs
_stricmp
_adj_fpatan
wcstombs
_fmode
wcscat
__p__iob
_wfdopen
freopen
_ismbcl1
_winmajor
_wcsrev
memchr
_cscanf
_getws
_mbccpy
iswxdigit
_wunlink
qsort
_CIexp
_tolower
realloc
_fullpath
_strrev
wcscmp
vswprintf
_open
_execl
vsprintf
_execlp
_atodbl
__argv

kernel32

VirtualFree
FindFirstFileW
lstrcmpiA
GetModuleFileNameA
SetCommState
GetModuleHandleA
GetStartupInfoA
CopyFileA
CreateSemaphoreW
lstrcmpA
lstrlenA
GetSystemDefaultLangID
GetSystemTime
CreateTapePartition
GetProcessShutdownParameters
lstrcmpiW
lstrlenW
GlobalAddAtomA
PeekConsoleInputA
CreateFileW
FlushFileBuffers
MoveFileW
GetStringTypeExW
GetLocalTime
CompareStringW
Sleep
GetStartupInfoW
ReadConsoleOutputCharacterA
lstrcmpW
GetModuleHandleW
GetProcessTimes
GetFullPathNameW
ClearCommBreak
EnumCalendarInfoW
GetPrivateProfileIntW
VirtualAlloc
DuplicateHandle
ExitProcess

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cqkn
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nrea
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kbpg
Size: 5KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4eebbfd99b6e84fcd80f0f7e6a69ae1

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

advapi32

ole32

msvcrt

kernel32

Sections

.text Size: 20KB - Virtual size: 20KB

.cqkn Size: 5KB - Virtual size: 9KB

.nrea Size: 4KB - Virtual size: 7KB

.kbpg Size: 5KB - Virtual size: 32KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.cqkn
Size: 5KB - Virtual size: 9KB

.nrea
Size: 4KB - Virtual size: 7KB

.kbpg
Size: 5KB - Virtual size: 32KB

.reloc
Size: 1024B - Virtual size: 1KB