b8206e4c272894273424d287cd9d6491_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b8206e4c272894273424d287cd9d6491_JaffaCakes118
Size

140KB
MD5

b8206e4c272894273424d287cd9d6491
SHA1

b0cda490ed5cc2e8133d4bcc50187cc008cd1b70
SHA256

2a279c1975060a20fa31edf5a1a7dcdac5df76219e1818a87be4bf0669199e72
SHA512

c73439c6f56e0838321e5ad9e526e42fbeb876365f2c15e5fd183adc0cb09e0dfe962ab3f2e2be2efc2c7cfa6f31c99f2dbb298d6051c23ca4d653ecb3080209
SSDEEP

3072:JXvBN6S31yAorx3P875K5p7xJDpBvpelXzL:JZN6S31y13E83VBWL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8206e4c272894273424d287cd9d6491_JaffaCakes118

Files

b8206e4c272894273424d287cd9d6491_JaffaCakes118
.exe windows:9 windows x86 arch:x86

bdc3af577e4500fdc54e0407b7169470

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
LocalAlloc
GetProcessHeap
GetCurrentProcess
GetCommandLineA
SetUnhandledExceptionFilter
GetTickCount
GetCommandLineA
SetEvent
GetCurrentProcessId
GetCurrentProcessId
GetCommandLineA
LocalFree
SetUnhandledExceptionFilter
GetCommandLineA
GetProcessHeap
SleepEx
GetTickCount
SetUnhandledExceptionFilter
GetCommandLineW
QueryPerformanceCounter
GetCommandLineA
GetModuleFileNameA
VirtualFree
GetCurrentProcessId
GetCommandLineW
FormatMessageW
FormatMessageW
LocalAlloc
MultiByteToWideChar
GetCurrentProcess
FormatMessageW
LocalFree
GetModuleHandleA
GetModuleFileNameA
QueryPerformanceCounter
GetModuleHandleA
SetEvent
GetProcessHeap
GetModuleHandleA
VirtualFree
LocalAlloc
VirtualFree
SetUnhandledExceptionFilter
SetUnhandledExceptionFilter
MultiByteToWideChar
GetModuleFileNameA
GetProcessHeap
WaitForSingleObject
LocalAlloc
FormatMessageW
LocalFree
GetCurrentThreadId
VirtualFree
GetCurrentProcess
GetCurrentProcess
LocalFree
GetTickCount
WaitForSingleObject
GetModuleHandleW
SetUnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineW
GetACP
GetACP
GetModuleHandleA
GetCommandLineW
FormatMessageW
GetCurrentThreadId
WaitForSingleObject
GetModuleHandleW
GetModuleHandleW
SetEvent
GetTickCount
WaitForSingleObject
GetProcessHeap
GetTickCount
GetProcessHeap
GetModuleHandleA
WaitForSingleObject
GetTickCount
GetCurrentThreadId
LocalAlloc

gdi32

SelectObject
GetObjectW
DeleteObject
GetTextMetricsW
CreateCompatibleBitmap
GetStockObject
GetDeviceCaps
SetTextColor
DeleteDC
DeleteObject
SelectObject
SetTextColor
GetObjectW
GetStockObject
LineTo
GetTextMetricsW
PatBlt
GetDeviceCaps
SelectObject
PatBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
BitBlt
PatBlt
GetTextMetricsW
SelectObject
GetDeviceCaps
GetTextMetricsW
GetStockObject
SelectObject
DeleteObject
GetDeviceCaps
DeleteObject
MoveToEx
DeleteDC
GetStockObject
MoveToEx
GetStockObject
PatBlt
GetObjectW
CreateCompatibleBitmap
DeleteDC
DeleteObject
GetObjectW
MoveToEx
GetDeviceCaps
BitBlt
SelectObject
GetStockObject
SetTextColor
GetTextMetricsW
GetStockObject
DeleteObject
GetObjectW
GetDeviceCaps
DeleteDC
CreateCompatibleBitmap
SetTextColor
GetTextMetricsW
GetTextMetricsW
CreateCompatibleDC
GetObjectW
GetDeviceCaps
GetObjectW
GetDeviceCaps
MoveToEx
SetTextColor
CreateCompatibleDC
GetTextMetricsW
GetObjectW
CreateCompatibleDC
GetTextMetricsW
BitBlt
DeleteDC
GetDeviceCaps
GetDeviceCaps
DeleteObject
GetStockObject
GetStockObject
GetObjectW
BitBlt
LineTo
SelectObject
CreateCompatibleBitmap
SetTextColor
MoveToEx
CreateCompatibleDC

ntdll

NtAllocateVirtualMemory

user32

ShowWindow
ReleaseDC
SetTimer
DestroyWindow
ShowWindow
GetWindowRect
ReleaseDC
ReleaseDC
PostMessageW
PostMessageW
ShowWindow
GetMessageW
GetDlgItem
SendMessageW
GetDlgItem
DestroyWindow
LoadIconW
GetDC
DestroyWindow
DefWindowProcW
ReleaseDC
DefWindowProcW
CreateWindowExW
GetDC
GetDlgItem
SetTimer
GetWindowRect
GetMessageW
GetDlgItem
PostMessageW
DefWindowProcW
SetTimer
GetMessageW
SendMessageW
SendMessageW
GetDlgItem
GetDlgItem
SendMessageW
GetDC
GetDlgItem
GetDC
DestroyWindow
DefWindowProcW
SendMessageW
GetMessageW
DefWindowProcW
LoadIconW
SendMessageW
SendMessageW
ReleaseDC
DefWindowProcW
DestroyWindow
GetWindowRect
DefWindowProcW
GetSystemMetrics
PostMessageW
SendMessageW
SendMessageW
GetSystemMetrics
ReleaseDC
DefWindowProcW
GetWindowRect
GetMessageW
SetTimer
GetMessageW
GetSystemMetrics
LoadIconW
LoadIconW
SetTimer
ReleaseDC
GetDC
SendMessageW
SetTimer
GetDC
GetDC
DestroyWindow
GetWindowRect
SetTimer
LoadIconW
DefWindowProcW
GetWindowRect
GetMessageW
GetSystemMetrics
DefWindowProcW
SendMessageW
GetDlgItem
LoadIconW
SendMessageW
ReleaseDC
DestroyWindow
SetTimer

Sections

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdc3af577e4500fdc54e0407b7169470

Headers

File Characteristics

Imports

kernel32

gdi32

ntdll

user32

Sections

.data Size: 24KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 8KB

.data Size: 106KB - Virtual size: 108KB

.rsrc Size: 2KB - Virtual size: 124KB

.data
Size: 24KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 8KB

.data
Size: 106KB - Virtual size: 108KB

.rsrc
Size: 2KB - Virtual size: 124KB