b68329847771c7211545d746158f5a9a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b68329847771c7211545d746158f5a9a_JaffaCakes118
Size

206KB
MD5

b68329847771c7211545d746158f5a9a
SHA1

000db2ad7f162019753bfb90baeb25263cdf6764
SHA256

5e5577a0ae29f48a7b808762ef09f3936b45682da899319bf053b7bcca7c90ee
SHA512

a75a8d2e97107d862baafacf9ec5568182f459a4ed1f91d2c3e4893fb62758118ec2dd2c518d3bec24c5f3e5d99d29c72382a5e2984abeebcce44262b2afaf0c
SSDEEP

6144:zHYuuQXSAlj5gRbzbgVfRTf2tTrXbMaEou:z4sCA95gS2BG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b68329847771c7211545d746158f5a9a_JaffaCakes118

Files

b68329847771c7211545d746158f5a9a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad3d0135b4afa99e20ce19249ec7c697

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetAtomNameA
GetFileType
WriteFile
lstrcmpi
EndUpdateResourceW
SystemTimeToFileTime
GetNamedPipeInfo
GetACP
GetEnvironmentStringsA
CreateFileA
GetModuleHandleA
CompareStringW
GetVersionExA
GetStartupInfoW
SetComputerNameW
GetLocalTime
GetExpandedNameA
GetEnvironmentStringsW
FlushFileBuffers
LoadResource
RemoveDirectoryW
GetLogicalDrives
GetVolumeInformationW
lstrcpyA
OpenMutexW
GetProcAddress

user32

keybd_event
GetCapture
DefWindowProcA
WinHelpA
GetTopWindow
FrameRect
MonitorFromWindow
LoadCursorW
GetSubMenu
DefDlgProcW
GetDC
MessageBoxIndirectA
GetMenu
CreateMenu
SetParent

gdi32

RemoveFontResourceW
GetBitmapBits
GetNearestPaletteIndex
CreateScalableFontResourceW
AbortPath
ArcTo
ExtFloodFill
DeleteEnhMetaFile
GetRandomRgn
CreateFontIndirectW

advapi32

RegFlushKey
RegOpenKeyExW
RegCreateKeyExW

winmm

midiInGetNumDevs
mmioRenameW
midiOutPrepareHeader
midiInStop
midiInPrepareHeader

wsock32

AcceptEx
sendto
getsockopt
GetServiceW
EnumProtocolsW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MFzL
Size: 1KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YX
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tuD
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MgkBf
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TSOMkb
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rkXu
Size: 1KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Y
Size: 2KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad3d0135b4afa99e20ce19249ec7c697

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

wsock32

Sections

.text Size: 12KB - Virtual size: 12KB

.MFzL Size: 1KB - Virtual size: 46KB

.YX Size: 2KB - Virtual size: 5KB

.tuD Size: 2KB - Virtual size: 20KB

.MgkBf Size: 2KB - Virtual size: 35KB

.TSOMkb Size: 2KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 9KB

.rkXu Size: 1KB - Virtual size: 21KB

.Y Size: 2KB - Virtual size: 225KB

.rsrc Size: 168KB - Virtual size: 168KB

.reloc Size: 1024B - Virtual size: 952B

.text
Size: 12KB - Virtual size: 12KB

.MFzL
Size: 1KB - Virtual size: 46KB

.YX
Size: 2KB - Virtual size: 5KB

.tuD
Size: 2KB - Virtual size: 20KB

.MgkBf
Size: 2KB - Virtual size: 35KB

.TSOMkb
Size: 2KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 9KB

.rkXu
Size: 1KB - Virtual size: 21KB

.Y
Size: 2KB - Virtual size: 225KB

.rsrc
Size: 168KB - Virtual size: 168KB

.reloc
Size: 1024B - Virtual size: 952B