8c88fb5d583b1b9cb6927bb4b2d6b278_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c88fb5d583b1b9cb6927bb4b2d6b278_JaffaCakes118
Size

334KB
MD5

8c88fb5d583b1b9cb6927bb4b2d6b278
SHA1

b1bd6b5f597ed58bab8482f777fe13703ce5f53a
SHA256

6eb71028dde107ab3dade3f9f757b664fba1d47a3d2a90a2253e1f86c1368a60
SHA512

86835bc5ac8bc61e184e3848eadf8b03259c49800487c13d056ab8e978d41bd3195e05e26a082256482232795843c72fb3d4909401b0c6975b146366dd6955d6
SSDEEP

6144:x4+yJAmMSqEyGXP25bahBC/9mE5+Ed9wPS4uwsQnFphpqSQMSVzJ:x4GqXP2QC/9mEYUwPS0nq3nZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c88fb5d583b1b9cb6927bb4b2d6b278_JaffaCakes118

Files

8c88fb5d583b1b9cb6927bb4b2d6b278_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6aeb1020abbf940f99626ce92e7448d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BroadcastSystemMessageA
FillRect
CopyAcceleratorTableW
GetAltTabInfo
SetWindowsHookExW
SetWindowContextHelpId
GrayStringA
InflateRect
RegisterClassA
DrawFrameControl
DdeCmpStringHandles
DdeCreateStringHandleA
ShowWindow
IsZoomed
RegisterClassExA
WINNLSGetIMEHotkey
FindWindowExW
DdeAccessData
RemovePropA
DestroyWindow
CreateWindowExW
DdeQueryNextServer
DrawFrame
CloseWindow
CharNextExA
MessageBoxW
GetWindowInfo
DrawTextW
RegisterClassExW
UpdateWindow
LoadCursorFromFileA
GetMenuItemRect
GetClassInfoW
EditWndProc
DefWindowProcA
GetSystemMenu
DefFrameProcA
GetScrollRange
IsMenu
InSendMessageEx
UnionRect
IsCharAlphaA
TabbedTextOutA
ChangeMenuW
SetThreadDesktop
ReuseDDElParam
GetDlgItem
MonitorFromWindow
VkKeyScanExW
MessageBoxIndirectA
EqualRect

comctl32

InitCommonControlsEx
ImageList_GetBkColor
ImageList_GetIcon

kernel32

CreateThread
SetStdHandle
FindResourceW
GetSystemTimeAsFileTime
SetConsoleCursorInfo
WideCharToMultiByte
WriteFile
GetAtomNameW
GetCPInfo
IsValidLocale
WriteConsoleOutputA
GetStdHandle
GetAtomNameA
VirtualQuery
FillConsoleOutputCharacterA
GetStartupInfoA
GetVolumeInformationA
TlsFree
GetLocaleInfoA
InterlockedDecrement
CreateFileMappingA
VirtualAlloc
GetThreadPriority
CreateMutexA
GetFullPathNameW
AddAtomA
GlobalFindAtomW
GetCommandLineW
GetCurrentThread
OpenMutexA
CommConfigDialogW
FreeLibrary
FreeEnvironmentStringsW
GetPrivateProfileSectionW
CloseHandle
AddAtomW
HeapReAlloc
FindNextFileW
LoadLibraryA
SetFilePointer
SetHandleCount
SetPriorityClass
GetModuleFileNameA
LCMapStringW
EnumResourceLanguagesW
CompareStringW
FindFirstFileExA
GetFileAttributesW
SetLocaleInfoA
FreeEnvironmentStringsA
LCMapStringA
GetTempFileNameW
FindFirstFileExW
MultiByteToWideChar
ExitProcess
HeapAlloc
CompareStringA
InterlockedIncrement
GetLocalTime
InterlockedExchange
GetTickCount
LeaveCriticalSection
HeapFree
MapViewOfFile
HeapCreate
GetCommandLineA
GetSystemTime
SetEndOfFile
GetEnvironmentStringsW
OpenProcess
UnhandledExceptionFilter
ExpandEnvironmentStringsW
EnumTimeFormatsA
FindAtomA
TransactNamedPipe
TerminateProcess
GetModuleFileNameW
GetCurrentProcessId
GetTimeZoneInformation
TlsGetValue
GetStringTypeW
HeapDestroy
TlsAlloc
InitializeCriticalSection
SetEnvironmentVariableA
SetFileAttributesW
GetCurrentProcess
GlobalDeleteAtom
RtlUnwind
SetLastError
ReadFile
FlushFileBuffers
OpenEventW
GetProcAddress
LoadModule
GetLastError
QueryPerformanceCounter
GetStringTypeA
GetTimeFormatA
SetEvent
CompareFileTime
SetThreadAffinityMask
GetNumberFormatA
LockResource
IsBadWritePtr
UnlockFile
OpenEventA
GetFileType
LockFileEx
GetCurrentThreadId
GetStartupInfoW
GetEnvironmentStrings
GetVersion
TlsSetValue
DeleteCriticalSection
GetModuleHandleA
VirtualFree
EnterCriticalSection

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6aeb1020abbf940f99626ce92e7448d

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 125KB - Virtual size: 124KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 92KB - Virtual size: 108KB

.rsrc Size: 49KB - Virtual size: 49KB

.text
Size: 125KB - Virtual size: 124KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 92KB - Virtual size: 108KB

.rsrc
Size: 49KB - Virtual size: 49KB