bb37b474c4733c15a94373df4cd35949_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bb37b474c4733c15a94373df4cd35949_JaffaCakes118
Size

519KB
MD5

bb37b474c4733c15a94373df4cd35949
SHA1

2374509bc8c17434b0fad334cac5609d8d136d80
SHA256

cede8d87d782db6bcbf9393b58075b4835c6669f83622f1f7b7d1668bf26316e
SHA512

7130072e80d6f6a3bf111c89f0f89af1abe11633e7e681eecd1d76b94f5dc2423065b11a8fb910bc64a31ceb6db6deb2843c2bb86e7de90b09ad8f6b19fbfc74
SSDEEP

12288:3/gqo8tUoXmL+sSyiRnQuSOia7rj3cVSpUmtrE/C:3/gqh7miganQuSQsVhmtrE6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb37b474c4733c15a94373df4cd35949_JaffaCakes118

Files

bb37b474c4733c15a94373df4cd35949_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8e472ae6a316f5f3e6f040dc7a0be97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

CreateIconIndirect
GetKeyboardLayout
OpenWindowStationA
RegisterClassExA
IsWindowUnicode
ShowCaret
SetWindowTextW
SendInput
MapVirtualKeyA
SetDeskWallpaper
DdeNameService
CallMsgFilterW
UnregisterClassW
MoveWindow
RegisterClassA
GetTopWindow
GetWindow
LoadMenuA
LoadBitmapW
LoadImageW

kernel32

CreateMutexA
SetConsoleCtrlHandler
CompareStringA
GetTickCount
HeapSize
InterlockedIncrement
ExitProcess
GetTimeFormatA
HeapReAlloc
GetACP
GetLocaleInfoA
ExitThread
QueryPerformanceCounter
GetCurrentProcessId
MultiByteToWideChar
UnhandledExceptionFilter
HeapAlloc
HeapDestroy
WriteConsoleA
lstrcpyW
GetStartupInfoW
GetStringTypeW
GetFileType
GetThreadLocale
EnumCalendarInfoExA
GetDiskFreeSpaceExW
EnumResourceNamesA
GetModuleFileNameW
GetConsoleOutputCP
Sleep
GetEnvironmentStringsW
GetOEMCP
EnumSystemLocalesA
GetCommandLineA
TlsSetValue
LoadLibraryA
WideCharToMultiByte
CompareFileTime
GetModuleHandleW
HeapCreate
IsDebuggerPresent
TerminateProcess
FlushFileBuffers
DeleteCriticalSection
GetCurrentProcess
IsValidCodePage
GetLastError
CompareStringW
EnterCriticalSection
CreateFileA
GetCommandLineW
GetCurrentThreadId
SetHandleCount
LeaveCriticalSection
TlsAlloc
GetCurrentThread
TlsFree
IsValidLocale
GetConsoleCP
SetLastError
GlobalHandle
SetEnvironmentVariableA
WritePrivateProfileSectionW
HeapFree
InterlockedExchange
VirtualAlloc
GetConsoleMode
CloseHandle
GetStdHandle
SetFilePointer
GetTimeZoneInformation
ReadFile
LCMapStringA
OpenMutexA
GetModuleHandleA
GetCPInfo
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
RtlUnwind
SetFileTime
lstrcmpA
WriteConsoleW
GetSystemTimeAsFileTime
GetLocaleInfoW
GetStringTypeA
GetDateFormatA
WriteFile
FreeLibrary
InterlockedDecrement
VirtualFree
InitializeCriticalSectionAndSpinCount
LCMapStringW
SetStdHandle
GetUserDefaultLCID
GetProcAddress
GetTempFileNameW
VirtualQuery
TlsGetValue
MoveFileExW

gdi32

SetDeviceGammaRamp

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8e472ae6a316f5f3e6f040dc7a0be97

Headers

File Characteristics

Imports

comctl32

user32

kernel32

gdi32

Sections

.text Size: 189KB - Virtual size: 188KB

.rdata Size: 10KB - Virtual size: 14KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 189KB - Virtual size: 188KB

.rdata
Size: 10KB - Virtual size: 14KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 5KB - Virtual size: 5KB