8eb63e9e313ce2713898cccd4334e557_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8eb63e9e313ce2713898cccd4334e557_JaffaCakes118
Size

494KB
MD5

8eb63e9e313ce2713898cccd4334e557
SHA1

014c8d58a333b93cf441c98e84430423b031a877
SHA256

ca4d094112e3abd528e6d466886561fc8c58240501b13892757bb7b14a16991b
SHA512

ac3e9d07b6ca5873cf7aa48c5c6f8220ba5a6b541fac3471667fd98fc4eb4e509066cb320d7a5f6f9a622a00f220a36b8d24de1918e0c7ac64edf9723714c053
SSDEEP

12288:iCxkxqbPniIlLxDb1/X03u43h8E415F3t3I95j:iCxk2PnDlDbUu4AB3+95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8eb63e9e313ce2713898cccd4334e557_JaffaCakes118

Files

8eb63e9e313ce2713898cccd4334e557_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a24c6d5776e0ec83b7cdb3f685895f89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetCurrentThread
FreeLibrary
HeapReAlloc
HeapAlloc
EnumCalendarInfoExW
GetOEMCP
GetProcAddress
LeaveCriticalSection
UnhandledExceptionFilter
HeapCreate
WriteFile
GetConsoleCP
GetLocaleInfoW
GetStringTypeA
InterlockedExchange
IsDebuggerPresent
LCMapStringA
GetTickCount
VirtualQuery
GetTempPathW
GetLocaleInfoA
DeleteCriticalSection
GetACP
ReleaseMutex
SetConsoleCP
FreeEnvironmentStringsW
CompareStringA
MultiByteToWideChar
HeapDestroy
GetDateFormatA
CreateMailslotA
GetLastError
TerminateProcess
GetModuleFileNameA
GetEnvironmentStrings
WriteConsoleW
InitializeCriticalSection
GetStdHandle
GetModuleHandleA
FlushFileBuffers
InterlockedIncrement
GetCommandLineW
SetLastError
EnterCriticalSection
WaitForMultipleObjectsEx
LCMapStringW
GetEnvironmentStringsW
IsValidCodePage
GetTimeFormatA
ResumeThread
GetSystemTimeAsFileTime
LocalHandle
GetStartupInfoW
GetCurrentProcessId
CreateMutexA
HeapFree
WriteConsoleA
VirtualFree
ReadFile
SetFilePointer
SetUnhandledExceptionFilter
CreateFileA
OpenWaitableTimerW
TlsFree
SetVolumeLabelA
Sleep
GetModuleFileNameW
ConvertDefaultLocale
GetFileAttributesExA
GetFileType
SetEnvironmentVariableA
GetCurrentThreadId
QueryPerformanceCounter
FreeEnvironmentStringsA
HeapSize
LoadLibraryA
GetCompressedFileSizeA
GetCurrentProcess
GetConsoleOutputCP
WideCharToMultiByte
OpenMutexA
GetPrivateProfileSectionA
ExitProcess
GetUserDefaultLCID
InterlockedDecrement
GetTimeZoneInformation
GetConsoleMode
SetConsoleCtrlHandler
SetHandleCount
lstrcmpi
GetCommandLineA
IsValidLocale
CompareStringW
GetStartupInfoA
SetStdHandle
TlsAlloc
GetProcessHeap
TlsSetValue
VirtualAlloc
TlsGetValue
EnumSystemLocalesA
GetVersionExA
CloseHandle
GetCPInfo
RtlUnwind
GetStringTypeW

user32

InvalidateRect
UnhookWindowsHook
EnumDesktopWindows
AttachThreadInput
CreateAcceleratorTableW
DefFrameProcA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
RegisterClassA
SetKeyboardState
MessageBoxA
FlashWindow
RegisterClassExA
DdeReconnect
wsprintfW
ScrollDC
PtInRect
GetUpdateRect

advapi32

CryptGetKeyParam
LookupSecurityDescriptorPartsA
CreateServiceW
RegOpenKeyA
StartServiceA
CryptHashSessionKey
RegQueryMultipleValuesA
ReportEventW
ReportEventA
CryptDecrypt

Sections

.text
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a24c6d5776e0ec83b7cdb3f685895f89

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

Sections

.text Size: 319KB - Virtual size: 318KB

.rdata Size: 60KB - Virtual size: 73KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 319KB - Virtual size: 318KB

.rdata
Size: 60KB - Virtual size: 73KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 7KB - Virtual size: 7KB