Static task: static1
Behavioral task: behavioral1
Sample: b8df33e5fd83e375b8e79b30e12a3547_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b8df33e5fd83e375b8e79b30e12a3547_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b8df33e5fd83e375b8e79b30e12a3547_JaffaCakes118
Size: 3.1MB
MD5: b8df33e5fd83e375b8e79b30e12a3547
SHA1: 4a9713c4151b3b1b0d3079a9a7d54a5ee2b149d0
SHA256: a5bcbc97d5e8d45d60ae46233a54e12b5ab29f1b7189b6223458eae7ed616ed5
SHA512: 098c6b9ed4a53a387fc3cddd24b0b262d4de310adc6510e33e40deeaa71c4c6ddc7607259068803302bef939f5e76a23c699e57df9e7d519cf4b1a610f69faeb
SSDEEP: 49152:qf2L1Za3cEv0YuiJbGLqpu3d9SDx/oNUBmp9vCpGsT1NYD1B3iH04XIB66J:qOL1Za3RvVu2Ed8vB0KTPwiHV4ce
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b8df33e5fd83e375b8e79b30e12a3547_JaffaCakes118
Files
b8df33e5fd83e375b8e79b30e12a3547_JaffaCakes118.exe windows:4 windows x86 arch:x86
e2e28877ad2dc956beaec9414d8551cf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
SetStdHandle
SetHandleCount
GetStdHandle
SetEndOfFile
ReadFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
WriteFile
MultiByteToWideChar
GetModuleHandleA
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcAddress
HeapCreate
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetFileAttributesA
CreateDirectoryA
CreateFileA
GetFileType
CloseHandle
HeapAlloc
HeapFree
GetLastError
GetVersionExA
GlobalAlloc
GlobalLock
SetEnvironmentVariableW
GlobalFree
GetCurrentDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
CreateMutexA
InterlockedExchange
WaitForSingleObject
ReleaseMutex
InitializeCriticalSection
lstrlenA
lstrcmpiA
lstrcpynA
HeapDestroy
GetEnvironmentVariableA
ExitProcess
GetVersion
GetCommandLineA
LoadLibraryA
GetStartupInfoA
LCMapStringA
MulDiv
EnterCriticalSection
GetProcessHeap
LeaveCriticalSection
FileTimeToSystemTime
lstrcpyA
GlobalUnlock
SetFileTime
SetFileAttributesA
FileTimeToLocalFileTime
GetVolumeInformationA
GetFullPathNameA
SetVolumeLabelA
GetDriveTypeA
GetFileTime
user32
SetWindowLongA
GetParent
SetTimer
KillTimer
DestroyWindow
PostQuitMessage
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
RegisterClassA
GetMessageA
TranslateMessage
DialogBoxParamA
SetActiveWindow
MessageBoxA
PeekMessageA
DispatchMessageA
GetDlgItem
GetDC
SendMessageA
SetWindowTextA
OemToCharA
wsprintfA
SetDlgItemTextA
EndDialog
PostMessageA
gdi32
CreateSolidBrush
GetStockObject
GetDeviceCaps
CreateFontA
DeleteObject
SetBkColor
comctl32
PropertySheetA
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
advapi32
IsValidSecurityDescriptor
GetSecurityDescriptorLength
SetKernelObjectSecurity
GetKernelObjectSecurity
GetSecurityDescriptorControl
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
Sections
.text Size: 80KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ