b8eecb743fec005cf65d1cb034e953e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b8eecb743fec005cf65d1cb034e953e9_JaffaCakes118
Size

146KB
MD5

b8eecb743fec005cf65d1cb034e953e9
SHA1

e3f70e787ac57ed955347db8300521f5dfaf009f
SHA256

5635670511daca536ceae4272341baf4f097c0954b29b981f96d2ad1d6a1f19b
SHA512

c4417066788afb1a16e4f3830c4ae2cb69719168d6b24d5076289ec3c71ba43899d18be26908183454fbb4624ee927242c2488b752a5eec870580d2c17ea2bdd
SSDEEP

1536:RGMJbUzcNHmscubtjsjEDbzgtlVNpAU9bjN3A18Y+i4G6KzHwymmpYKgm0fW4u6Z:7AcV/baEDbkXSU9bZpcD9uKgtfJv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8eecb743fec005cf65d1cb034e953e9_JaffaCakes118

Files

b8eecb743fec005cf65d1cb034e953e9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a71b48c35d131ca2663363b4f59be2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_vsnprintf
strlen
memset

shlwapi

StrStrIA
PathIsContentTypeA
SHRegCloseUSKey
SHCopyKeyA
StrCmpNIW
ord157

shell32

ord80
ord191

kernel32

SetupComm
HeapAlloc
GetCurrentProcess
SetMailslotInfo
SetHandleInformation
SetEvent
BackupSeek
lstrcpyA
lstrcpynW
TerminateProcess
BackupRead
BackupWrite
MoveFileW
FindClose
ResetEvent
MoveFileA
GetProfileStringA
EnumResourceNamesA
DuplicateHandle
CloseHandle
ResetWriteWatch
GetModuleHandleA
WriteProfileStringA
LoadLibraryA
GetProcAddress
lstrcmpiA
GetTimeZoneInformation
GetNamedPipeInfo
GetTempFileNameW
FormatMessageW
_lcreat
CompareFileTime
FileTimeToDosDateTime
SetFileShortNameW

user32

EnumPropsW
EndPaint
IsWindowVisible
CreateDialogParamW
GetDCEx
GetKeyboardState
CharLowerW
CharPrevA
DlgDirSelectExA
CreateCursor
LoadImageW
TranslateAcceleratorW
EnumPropsExA
PostMessageW
SetMenuItemBitmaps
BeginPaint
SetPropW
GetScrollBarInfo
TranslateMessage
LoadAcceleratorsW
GetWindowTextA
ScrollDC
GetAltTabInfoA
PeekMessageW
ReleaseDC
ScrollWindow
GetComboBoxInfo
SetWindowTextA
GetPropW
DispatchMessageW
GetParent
GetDC
SetMenuItemInfoW
GetWindowRgn

gdi32

UpdateColors
GetTextMetricsA
SetBoundsRect
OffsetClipRgn
GetWorldTransform
SetTextColor
LineTo
GetGlyphIndicesW
FillRgn
GetCharABCWidthsA
CreateBitmap
DeleteDC
SetWindowExtEx
DescribePixelFormat
CreateCompatibleDC
SetDIBitsToDevice
GetBitmapBits
CreateDiscardableBitmap
GetTextCharset

advapi32

InitializeSid
GetSidLengthRequired
GetSidSubAuthority
EqualSid
PrivilegedServiceAuditAlarmA

Exports

Exports

__LoadLibrary@12
__VirtualAllocEx@12

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TEMP
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pedata
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a71b48c35d131ca2663363b4f59be2e

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.code Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 340B

TEMP Size: 3KB - Virtual size: 3KB

.pedata Size: 512B - Virtual size: 476B

.rsrc Size: 126KB - Virtual size: 126KB

.reloc Size: 1024B - Virtual size: 836B

.text
Size: 2KB - Virtual size: 1KB

.code
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 340B

TEMP
Size: 3KB - Virtual size: 3KB

.pedata
Size: 512B - Virtual size: 476B

.rsrc
Size: 126KB - Virtual size: 126KB

.reloc
Size: 1024B - Virtual size: 836B