8f003cd216155d08c65bd114b827c9ef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8f003cd216155d08c65bd114b827c9ef_JaffaCakes118
Size

272KB
MD5

8f003cd216155d08c65bd114b827c9ef
SHA1

72a5d14bfe7e3b08d642db7a90dcde562d61156c
SHA256

ffd52896a71dfc5269d9665e16ca184ef2bd9597d75061ef9e39bc08091e8147
SHA512

e13558ee666b84761291aa770cd1d1a093c22bc67f62b158b2065206a41197a584425b5d29c122cd0d40f856ef7dc99cc7b50aac485ca13fe1dec44722ec8d88
SSDEEP

6144:ifKROMoadaQrwZUL/8Bp5t3jjQCWLfj9JPluUGg3ikp:iyROlxJtzjtWTjBungp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f003cd216155d08c65bd114b827c9ef_JaffaCakes118

Files

8f003cd216155d08c65bd114b827c9ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e54fe94c3a1783ed8b1194aeba7c468b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayUnaccessData
SysAllocStringByteLen
SafeArrayRedim
VariantCopyInd
SafeArrayCreateVector
SysAllocString
SysStringByteLen
VariantClear
SafeArrayLock
VariantInit
SetErrorInfo
SafeArrayCreate
CreateErrorInfo
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayUnlock
SafeArrayAccessData
VariantChangeType
SafeArrayPutElement
GetErrorInfo
SysFreeString

ole32

CoCreateInstance
OleSaveToStream
CoInitializeEx
OleLoadFromStream
CreateStreamOnHGlobal
CoUninitialize
StringFromGUID2
CoCreateGuid
IIDFromString
GetHGlobalFromStream

kernel32

FindFirstFileW
SetThreadPriority
OutputDebugStringW
IsDebuggerPresent
ReadProcessMemory
SetConsoleMode
lstrlenA
SystemTimeToFileTime
OpenEventW
GetThreadContext
GetProcessTimes
RaiseException
GetSystemDirectoryW
FreeConsole
SetConsoleScreenBufferSize
PostQueuedCompletionStatus
DeleteCriticalSection
GlobalSize
CreateDirectoryW
ReadConsoleInputW
FileTimeToSystemTime
WriteConsoleW
LeaveCriticalSection
SetConsoleCtrlHandler
SizeofResource
FlushFileBuffers
CreateProcessW
FindClose
VirtualQuery
GlobalUnlock
SetConsoleActiveScreenBuffer
ProcessIdToSessionId
FindResourceW
GetTempPathW
CreateThread
GetSystemTime
VerSetConditionMask
GlobalFree
CreateFileW
GetLongPathNameW
ReadFile
OpenSemaphoreW
GetWindowsDirectoryW
GlobalLock
GlobalAlloc
HeapReAlloc
SetStdHandle
WaitForMultipleObjects
OpenProcess
RegisterWaitForSingleObject
lstrcpyW
FillConsoleOutputCharacterW
LoadLibraryExW
PulseEvent
LockResource
SetWaitableTimer
HeapSize
FillConsoleOutputAttribute
SetConsoleWindowInfo
VerifyVersionInfoW
LocalFree
GetLocalTime
GetSystemInfo
SuspendThread
FindNextFileW
SetLastError
FreeLibrary
OpenMutexW
GetConsoleScreenBufferInfo
CreateMutexW
EnumUILanguagesW
LocalAlloc
VirtualAlloc
GetCurrentThreadId
GetThreadPriority
ExitThread
HeapFree
GetQueuedCompletionStatus
WideCharToMultiByte
GetSystemTimeAsFileTime
SetConsoleTextAttribute
CreateConsoleScreenBuffer
SetConsoleCursorInfo
WaitForMultipleObjectsEx
MoveFileExW
LoadResource
TerminateThread
SetUnhandledExceptionFilter
UnregisterWaitEx
DisableThreadLibraryCalls
GetConsoleMode
GetFileType
DeleteFileW
HeapAlloc
ResumeThread
SetErrorMode
WriteConsoleOutputCharacterW
ReleaseMutex
CancelWaitableTimer
GetConsoleWindow
GetUserDefaultUILanguage
SetEndOfFile
CreateIoCompletionPort
VirtualFree
FindResourceExW
CreateEventW
WaitForSingleObject
SetConsoleCursorPosition
EnterCriticalSection
HeapDestroy
GetModuleHandleW
CreateSemaphoreW
TryEnterCriticalSection
SetConsoleTitleW
ReleaseSemaphore
GetConsoleCursorInfo
lstrlenW
GetShortPathNameW
GetCommandLineW
AllocConsole
lstrcatW
FormatMessageW
GetFileSize
GetStdHandle
GetSystemDefaultUILanguage
GetCurrentDirectoryW
SetFilePointer
UnhandledExceptionFilter
ResetEvent
WriteFile
CreateWaitableTimerW
GetConsoleTitleW
GetNumberOfConsoleInputEvents
CancelIo
GetProcessHeap
DuplicateHandle
CloseHandle
QueryPerformanceCounter
VirtualAllocEx
GetModuleHandleA

user32

RegisterClassExW
PostMessageW
PeekMessageW
SetWindowLongW
TranslateMessage
CreateWindowExW
MsgWaitForMultipleObjectsEx
IsWindowUnicode
GetSystemMetrics
DispatchMessageA
DestroyWindow
GetWindowLongW
GetMessageA
GetClassInfoExW
CharPrevW
PostThreadMessageW
CharNextW
UnregisterClassW
DispatchMessageW
DefWindowProcW
wsprintfW
GetMessageW

dbghelp

ImageRvaToVa
SymCleanup
UnDecorateSymbolName
SymGetLineNext64
SymUnloadModule64
MiniDumpReadDumpStream
SymUnloadModule
SymGetModuleBase64
SymGetLinePrev64

rasppp

RasCpEnumProtocolIds
PppStop

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IbBd
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rBeLc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cIPp
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GAcEWG
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VAxZz
Size: 1024B - Virtual size: 958B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qflN
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Nbodm
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ltNOPdW
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IHUZEZS
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mBZaxM
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LTHp
Size: 1024B - Virtual size: 814B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e54fe94c3a1783ed8b1194aeba7c468b

Headers

File Characteristics

Imports

oleaut32

ole32

kernel32

user32

dbghelp

rasppp

Sections

.text Size: 113KB - Virtual size: 112KB

.IbBd Size: 5KB - Virtual size: 4KB

.rBeLc Size: 2KB - Virtual size: 2KB

.cIPp Size: 5KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 230KB

.GAcEWG Size: 2KB - Virtual size: 1KB

.rdata Size: 113KB - Virtual size: 113KB

.VAxZz Size: 1024B - Virtual size: 958B

.qflN Size: 2KB - Virtual size: 2KB

.Nbodm Size: 2KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 10KB

.ltNOPdW Size: 3KB - Virtual size: 2KB

.IHUZEZS Size: 1KB - Virtual size: 1KB

.mBZaxM Size: 512B - Virtual size: 400B

.LTHp Size: 1024B - Virtual size: 814B

.text
Size: 113KB - Virtual size: 112KB

.IbBd
Size: 5KB - Virtual size: 4KB

.rBeLc
Size: 2KB - Virtual size: 2KB

.cIPp
Size: 5KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 230KB

.GAcEWG
Size: 2KB - Virtual size: 1KB

.rdata
Size: 113KB - Virtual size: 113KB

.VAxZz
Size: 1024B - Virtual size: 958B

.qflN
Size: 2KB - Virtual size: 2KB

.Nbodm
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 10KB

.ltNOPdW
Size: 3KB - Virtual size: 2KB

.IHUZEZS
Size: 1KB - Virtual size: 1KB

.mBZaxM
Size: 512B - Virtual size: 400B

.LTHp
Size: 1024B - Virtual size: 814B