Static task
static1
Behavioral task
behavioral1
Sample
b488757b09d83d37554dd90cfc0e7f21_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b488757b09d83d37554dd90cfc0e7f21_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
b488757b09d83d37554dd90cfc0e7f21_JaffaCakes118
Size
995KB
MD5
b488757b09d83d37554dd90cfc0e7f21
SHA1
b596b2325b0ff8d6b1548671a8886cffccf02100
SHA256
f5a60d5649ee08a2c41852b61d3e39f1e19c3e9de74fcb3b4dc941cb06aabfde
SHA512
32ec3a2587848b54f3f7ec72359c0b04988adf091ff3bca5a2dcc2206fede44c77288848f88d627ef4d8c0f189f6f3719d714787716fb271956fd7bf02c23bc5
SSDEEP
12288:yW787HOYzZSLlaUFe1OYpSX8eBfjRgeYlSC6WLmg9OnAmMOORrHN2G46tWVgYdCX:OLOYzZSLlawX8ayaCzr9UMO4HNrpvyG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b488757b09d83d37554dd90cfc0e7f21_JaffaCakes118
Files
b488757b09d83d37554dd90cfc0e7f21_JaffaCakes118.exe windows:4 windows x86 arch:x86
673df7b0350ff14f47dddf1eb227eb7a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_DragEnter
DestroyPropertySheetPage
ImageList_GetBkColor
ImageList_Draw
user32
DefMDIChildProcA
ShowScrollBar
GetClipboardSequenceNumber
CheckDlgButton
CloseWindowStation
OpenIcon
EmptyClipboard
GetMenuStringA
DestroyCaret
GetMessageExtraInfo
GetWindowWord
GetClipboardFormatNameA
OpenDesktopA
ChangeClipboardChain
GetMenuItemRect
OpenClipboard
VkKeyScanA
IsCharLowerW
EnumWindowStationsA
kernel32
GetProcessHeap
GetCompressedFileSizeW
ExitProcess
GlobalFlags
GetOEMCP
WritePrivateProfileStringA
WriteFile
ExitThread
LeaveCriticalSection
SetConsoleOutputCP
GetBinaryTypeA
_llseek
IsProcessorFeaturePresent
GenerateConsoleCtrlEvent
QueryDosDeviceW
GetProcessTimes
FreeResource
EraseTape
GetModuleFileNameW
DeleteFiber
GlobalAddAtomW
LCMapStringA
SetConsoleCursorPosition
GlobalAddAtomA
GetACP
CreateProcessA
EnumSystemCodePagesW
WriteConsoleOutputCharacterA
GetVersion
UnhandledExceptionFilter
GetEnvironmentStringsW
GetTimeZoneInformation
GetAtomNameA
GetLocaleInfoW
SetEvent
LocalReAlloc
SetConsoleTitleA
ReadFile
GetBinaryTypeW
EnumCalendarInfoW
GetSystemTimeAsFileTime
lstrcpynA
DeleteCriticalSection
advapi32
ObjectCloseAuditAlarmA
RegFlushKey
RegCreateKeyW
CryptExportKey
QueryServiceLockStatusW
RegQueryValueExA
StartServiceCtrlDispatcherA
StartServiceA
ReportEventW
LookupPrivilegeDisplayNameA
CryptReleaseContext
SetNamedSecurityInfoW
RegUnLoadKeyA
CopySid
SetSecurityDescriptorSacl
UnlockServiceDatabase
msvcrt
_mbsdec
perror
_wtol
_snwprintf
fread
_setmode
_getdcwd
_lseeki64
_beginthread
wcscoll
_itoa
wscanf
_ui64tow
_mbsrchr
_strdup
_chmod
_mbctoupper
mktime
_stricoll
_wsetlocale
ftell
_wstrdate
_controlfp
_isctype
iswxdigit
Sections
.text Size: 11KB - Virtual size: 227KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 597KB - Virtual size: 596KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ