b8a074fa5d74f82bb463bd775a646918_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b8a074fa5d74f82bb463bd775a646918_JaffaCakes118
Size

180KB
MD5

b8a074fa5d74f82bb463bd775a646918
SHA1

9fe93b4324157cdacba4ccfc44a3e829e4182566
SHA256

5f84a6f5c28b7f4e402032085bd9a53fe4b47c18f12dc10a39837b2e4f083401
SHA512

ec9e4670136a9bd863ecd8cd05f9fe018c4a3c7e3b349a119b82a6ca066639427a762951ce0deed164b254353a24114cd34ecc16115606464d136e3989c07abe
SSDEEP

3072:0nn3Yk3/EO/DjaaLb8xZpBw2pOU49IW0oWSH8gnHBWzr0gXc:0nh38ObjaaLsM930o0gnHBir0gM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8a074fa5d74f82bb463bd775a646918_JaffaCakes118

Files

b8a074fa5d74f82bb463bd775a646918_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81baa20e5b19324cd0e392b3bdd9caf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageW
IsMenu
SetForegroundWindow
DrawAnimatedRects
MoveWindow
GetForegroundWindow
CreatePopupMenu
GetNextDlgTabItem
MapVirtualKeyW
CloseWindow
SetFocus
GetTabbedTextExtentW
SetActiveWindow
FindWindowW
PeekMessageW
DestroyWindow
EnumChildWindows
ShowWindow
TrackPopupMenu
GetMenuItemInfoW
LockWindowUpdate
SetWindowRgn
GetLastActivePopup
DestroyMenu

ole32

DoDragDrop
CoCreateInstance
OleRun

comctl32

InitCommonControlsEx
ImageList_GetImageCount
ImageList_GetImageInfo
PropertySheetW
ImageList_LoadImageW
ImageList_GetIcon
ImageList_Destroy
_TrackMouseEvent
ImageList_AddMasked
ImageList_Add
ImageList_ReplaceIcon
ImageList_Draw

gdi32

EnumFontFamiliesW
Rectangle
GetDIBits
SetBoundsRect
ExtFloodFill
SetDIBits
StretchDIBits
GetStockObject
Escape
GetTextExtentPoint32W
Ellipse
GetTextAlign
GetTextColor
CreateFontW
GetBkColor
RoundRect
GetCharWidthW
SetPixelV
CombineRgn
CreateRectRgnIndirect
CreateDIBSection

kernel32

LoadLibraryA
GetLastError
QueryDosDeviceW
LoadLibraryW
GetPrivateProfileStringW
lstrcpyW
GetVersion
WritePrivateProfileStringW
SetThreadPriority
GlobalFree
ResumeThread
DeleteCriticalSection
FindCloseChangeNotification
GetModuleHandleW
lstrcmpW
GetProcessId
MultiByteToWideChar
FreeLibrary
LoadResource
LoadLibraryExW
FileTimeToLocalFileTime
FindNextChangeNotification
GlobalSize
CreateThread
SetFileAttributesW
GetNumberFormatW
GetProcAddress
lstrcpynW
LockResource
InitializeCriticalSection
GlobalAlloc
EnumResourceTypesA
GlobalUnlock
InterlockedDecrement
DeleteFileW
MulDiv
GlobalLock
GetACP
QueryPerformanceCounter
GetCurrentDirectoryW
WideCharToMultiByte
GetLocaleInfoW
GetThreadLocale
lstrlenW
GetTickCount
Sleep
GetVersionExA
WaitForSingleObject
GetSystemTimeAsFileTime
ExitProcess
GetCurrentThreadId
FileTimeToSystemTime
InterlockedIncrement
GetVersionExW
GetFileAttributesW
GetPrivateProfileIntW
InterlockedExchange
FindClose
CloseHandle
FindFirstFileW
GetLocaleInfoA
LocalFree
GetModuleFileNameW
FindResourceW
FindFirstChangeNotificationW
GetCurrentProcessId

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegOpenKeyW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegEnumValueW
RegSetValueExW
RegQueryValueExW
RegCloseKey

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81baa20e5b19324cd0e392b3bdd9caf3

Headers

File Characteristics

Imports

user32

ole32

comctl32

gdi32

kernel32

advapi32

gdiplus

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 72KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 72KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 72KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 72KB