Static task: static1
Behavioral task: behavioral1
Sample: b8ab5d7ba7cd35007c043ccb3786fa31_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: b8ab5d7ba7cd35007c043ccb3786fa31_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b8ab5d7ba7cd35007c043ccb3786fa31_JaffaCakes118
Size: 2.1MB
MD5: b8ab5d7ba7cd35007c043ccb3786fa31
SHA1: 74cef9eb87a83f5bbf59bdaab814bcee9d95599a
SHA256: 4c017f49fc25c4a831c9bb452ed5d705a0e9310e819f7f49e5154470d32fb0c9
SHA512: f70147ee2ebf0e580fc7ba00e30ae7924cf52da1d2c0f85e6dfddb7730f9cff4ff86933c185216e02c78606a4417d15855af1314e0b590d7edd293c4f904bc3e
SSDEEP: 49152:rEJA89GV9A9VjmZ7h0w2Tl/UogvQAbzPIfwZQKy0P2i:R89Gj6jhwil/qXIAQKyo2i
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b8ab5d7ba7cd35007c043ccb3786fa31_JaffaCakes118
Files
b8ab5d7ba7cd35007c043ccb3786fa31_JaffaCakes118.exe windows:4 windows x86 arch:x86
1c113f2c24279e947ee49369ba59863c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_DrawIndirect
ImageList_DragShowNolock
version
VerQueryValueA
gdi32
GetDeviceCaps
GetNearestPaletteIndex
StretchBlt
GetRgnBox
SetTextJustification
GetBitmapBits
EndDoc
SetWindowExtEx
PtInRegion
CloseMetaFile
kernel32
GetSystemDirectoryW
GetCommModemStatus
GetTapeParameters
GetCurrentProcessId
SetHandleCount
_lread
FreeResource
SizeofResource
ReadFile
FreeLibrary
VirtualQuery
FillConsoleOutputCharacterA
GetLargestConsoleWindowSize
FindCloseChangeNotification
SetConsoleTitleA
SetThreadAffinityMask
EraseTape
GetNumberFormatW
SetErrorMode
TlsGetValue
SuspendThread
GetEnvironmentStringsW
VirtualLock
EnumSystemCodePagesW
VirtualAllocEx
CreateFileW
OpenMutexA
FreeLibraryAndExitThread
GetOEMCP
GetLogicalDriveStringsA
GetProfileIntA
SetMailslotInfo
SetEnvironmentVariableW
SetTimeZoneInformation
VirtualUnlock
PeekNamedPipe
LocalSize
GetFileAttributesExA
ExitProcess
GetThreadContext
VirtualAlloc
user32
LoadAcceleratorsA
IsWindowEnabled
EnumDisplayDevicesW
CallWindowProcA
DialogBoxIndirectParamW
GetIconInfo
GetKeyNameTextA
CopyAcceleratorTableW
DestroyCursor
GetWindowTextW
EnableScrollBar
CharNextW
CharNextExA
InsertMenuItemA
advapi32
ObjectCloseAuditAlarmW
LookupAccountNameA
StartServiceW
InitiateSystemShutdownW
CopySid
CryptDecrypt
Sections
.text Size: 2KB - Virtual size: 218KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ