8eeb282a68828c9689742dcb3a2fe057_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8eeb282a68828c9689742dcb3a2fe057_JaffaCakes118
Size

584KB
MD5

8eeb282a68828c9689742dcb3a2fe057
SHA1

6c7e7a316dfcda2d9168ebe08947d0b2864254fa
SHA256

c2d380fe568c45811f2c12712c466d415d6d067865c6ba62f846570c61ff67b2
SHA512

274ef5f8535f21d53182293281a42255ca80571b665b38c55bda6f6e690aa46ea67c6ff01575a18986377e76523a4db61fcf1502810554101a6c6800be371ad8
SSDEEP

12288:L+3YCbVqpKIR6octd/0eITp23UJlZccgT3YcuEPH:L3a84octsTp7fZyT3v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8eeb282a68828c9689742dcb3a2fe057_JaffaCakes118

Files

8eeb282a68828c9689742dcb3a2fe057_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de5f186e509c5dcf10da1b3867b9d517

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileA
GetVolumeInformationA
GetShortPathNameA
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetErrorMode
VirtualProtect
GetSystemInfo
VirtualQuery
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
HeapSize
HeapDestroy
HeapCreate
GetStdHandle
GetConsoleCP
GetCurrentProcess
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LCMapStringA
LCMapStringW
SetEnvironmentVariableA
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
WaitForSingleObject
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
LoadLibraryA
GlobalGetAtomNameA
GlobalAddAtomA
SetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
EndUpdateResourceA
BeginUpdateResourceA
VirtualProtectEx
UpdateResourceA
ExitProcess
WaitForMultipleObjects
TerminateProcess
GetProcessHeap
HeapFree
HeapAlloc
CreateThread
GetLocalTime
GetTickCount
GetModuleFileNameA
GetFileAttributesA
lstrcmpA
GetVersion
CompareStringA
lstrcmpiA
GetLastError
InterlockedExchange
GetStringTypeExA
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
lstrlenA
DeleteCriticalSection
EnterCriticalSection
VirtualAlloc
LeaveCriticalSection
InitializeCriticalSection
VirtualFree
ResumeThread
CloseHandle
LoadLibraryExA
CreateEventA
TerminateThread
GetConsoleMode

gdi32

GetWindowOrgEx
GetTextFaceA
GetTextAlign
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
Ellipse
LPtoDP
CreateEllipticRgn
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
CreateSolidBrush
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
GetStockObject
PatBlt
Rectangle
DPtoLP
GetViewportOrgEx
CreatePen
StretchDIBits
DeleteDC
CreateFontA
GetCharWidthA
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateDCA
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
SetBkMode

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
GetJobA
ClosePrinter

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA

oledlg

ord8

ole32

OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleDestroyMenuDescriptor

oleaut32

VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantCopy
SysAllocString
SafeArrayDestroy
VariantClear

Sections

.text
Size: 412KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de5f186e509c5dcf10da1b3867b9d517

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

winspool.drv

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 412KB - Virtual size: 409KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 16KB - Virtual size: 35KB

.rsrc Size: 48KB - Virtual size: 44KB

.text
Size: 412KB - Virtual size: 409KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 16KB - Virtual size: 35KB

.rsrc
Size: 48KB - Virtual size: 44KB