Static task
static1
Behavioral task
behavioral1
Sample
b1f9b1a67f72efbf6955b3ae6a7af0cc_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b1f9b1a67f72efbf6955b3ae6a7af0cc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
b1f9b1a67f72efbf6955b3ae6a7af0cc_JaffaCakes118
Size
181KB
MD5
b1f9b1a67f72efbf6955b3ae6a7af0cc
SHA1
a8f2f0416c6e4ddc6c72497f0c2bc16d0c40a0bf
SHA256
e1e16f62b1bd3e0a4553932adcdf6aac124ee736d19ae9818f720ab2eca20707
SHA512
7f4b96ce502d548ab10ddd3a95e6913a6ad304c39c10fbf3bde01102f00937c09c4034974d6c053bc94a5088b83114b0e5052f906854d6b17067694b2d934cc4
SSDEEP
3072:Usbqg+xSskGaC7gwqD3k9oDJdr0glIimOI9tSsEW2uTL+oZ2Gk1lV5x8gEN79G:ReSsB75qTk2DMghIDj3+g2Xjr6h5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b1f9b1a67f72efbf6955b3ae6a7af0cc_JaffaCakes118
Files
b1f9b1a67f72efbf6955b3ae6a7af0cc_JaffaCakes118.exe windows:4 windows x86 arch:x86
9aa8465e61d14697c1cddb81b426b3b1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoCreateInstance
CoUninitialize
CoInitialize
user32
GetMenuCheckMarkDimensions
EnableMenuItem
GetWindowLongW
ModifyMenuW
GetParent
LoadBitmapW
GetSystemMetrics
ReleaseDC
GetLastActivePopup
GetSysColor
GetWindowTextW
CheckMenuItem
GetDC
EnableWindow
LoadCursorW
MessageBoxW
IsWindowEnabled
GetSysColorBrush
gdi32
RectVisible
PtVisible
DeleteDC
GetDeviceCaps
Escape
ExtTextOutW
OffsetViewportOrgEx
SetBkColor
ScaleViewportExtEx
SetViewportExtEx
TextOutW
CreateBitmap
ScaleWindowExtEx
SaveDC
DeleteObject
SetTextColor
SetViewportOrgEx
RestoreDC
SelectObject
SetWindowExtEx
GetClipBox
SetMapMode
GetStockObject
kernel32
IsBadCodePtr
GetShortPathNameW
HeapCreate
FreeEnvironmentStringsW
GetCommandLineA
UnhandledExceptionFilter
GetFileType
GetSystemInfo
VirtualAlloc
GetStringTypeW
HeapDestroy
GetSystemTimeAsFileTime
GetProcessAffinityMask
RtlUnwind
GetStringTypeA
QueryPerformanceCounter
SetFilePointer
IsBadWritePtr
HeapReAlloc
LCMapStringA
GetEnvironmentStringsW
HeapSize
EnumResourceTypesW
HeapAlloc
GetCurrentProcessId
FlushFileBuffers
VirtualProtect
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
GetCPInfo
GetTickCount
HeapFree
GetFileAttributesA
VirtualFree
GetStdHandle
SetStdHandle
GetCurrentProcess
GetEnvironmentStrings
GetOEMCP
VirtualQuery
TerminateProcess
LCMapStringW
GetModuleFileNameA
SetHandleCount
ExitProcess
shlwapi
PathAppendW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
shell32
SHGetSpecialFolderPathW
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
Sections
.text Size: 101KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ