Static task
static1
Behavioral task
behavioral1
Sample
bbf713fdee628bc305158cda1a48d1b9_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
bbf713fdee628bc305158cda1a48d1b9_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
bbf713fdee628bc305158cda1a48d1b9_JaffaCakes118
Size
102KB
MD5
bbf713fdee628bc305158cda1a48d1b9
SHA1
eda55c5443d3064941bfc1dedc75f6e658c8d6ab
SHA256
e78ae1b4e0323d99b9b212d1ffa6937c0422e0f6e32a7ef43f238a3ba39d81aa
SHA512
a6ede4a9cdcccc57b7347dc39a4373488542ccb7b27dbd93ddc9f908fd90420b8449c2dc05066d4773e322275551502fe4fe2c9b1c4519c414ab31c76b514984
SSDEEP
1536:w9vEOWHitBKESgxQGYDfw9CSupuaQ9o1Oia6Rj0t9Zb7krHRMbs5U45bljr2cY/c:wRAQKbr4Q1U/Iy6oZbQb5blcf417FoQ
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource bbf713fdee628bc305158cda1a48d1b9_JaffaCakes118
Files
bbf713fdee628bc305158cda1a48d1b9_JaffaCakes118.exe windows:4 windows x86 arch:x86
de63bdf1b67e0a125ead5054e5752560
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
crypt32
CryptDecodeObject
CryptMsgGetParam
CryptMsgClose
CertFindCertificateInStore
CryptQueryObject
CertFreeCertificateContext
CertGetNameStringW
CertEnumSystemStoreLocation
CertCloseStore
shell32
SHBrowseForFolderW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetPathFromIDListW
oleacc
CreateStdAccessibleObject
user32
CallWindowProcW
EndPaint
SendMessageW
DestroyWindow
GetWindowRect
LoadBitmapW
ReleaseDC
LoadIconW
GetDlgItemTextW
GetDlgItem
DefWindowProcW
SetDlgItemTextW
ScreenToClient
GetWindowLongW
LoadStringW
MessageBoxW
AdjustWindowRect
GetSystemMetrics
BeginPaint
PostMessageW
MoveWindow
GetClientRect
GetWindowDC
GetParent
SetWindowLongW
SetWindowPos
CreateWindowExW
gdi32
CreateSolidBrush
DeleteObject
CreateFontIndirectW
GetObjectW
GetDeviceCaps
SetBkColor
SetBkMode
ole32
CoUninitialize
CoCreateInstance
CoInitialize
kernel32
GetSystemDirectoryW
LoadLibraryExW
InterlockedIncrement
LoadLibraryW
InterlockedDecrement
ReadFile
HeapDestroy
TlsSetValue
GetStringTypeA
UnhandledExceptionFilter
SetFilePointer
TlsFree
CancelWaitableTimer
FreeLibrary
GetStringTypeW
GetConsoleOutputCP
GetOEMCP
GetEnvironmentStrings
GetProcessVersion
LCMapStringW
GetStdHandle
WideCharToMultiByte
GetFileAttributesW
SetUnhandledExceptionFilter
GetVersionExA
GetModuleFileNameW
FlushFileBuffers
GetUserDefaultUILanguage
SetLastError
SetStdHandle
CreateFileW
GetModuleFileNameA
WriteFile
LCMapStringA
HeapCreate
DeleteCriticalSection
GetSystemTimeAsFileTime
GetProcAddress
VirtualFree
GetCurrentProcess
HeapAlloc
WriteConsoleW
CloseHandle
HeapReAlloc
IsValidCodePage
QueryPerformanceCounter
IsDebuggerPresent
GetFileType
TlsAlloc
ExitProcess
Sleep
GetCurrentProcessId
GetConsoleMode
GetStartupInfoA
VirtualAlloc
ExitProcess
RtlUnwind
EnterCriticalSection
HeapSize
GetLocaleInfoA
CreateDirectoryW
WriteConsoleA
TerminateProcess
GetModuleHandleA
FreeEnvironmentStringsA
MultiByteToWideChar
RaiseException
GetCurrentThreadId
SetHandleCount
GetProcessHeap
GetCommandLineA
HeapFree
TlsGetValue
GetACP
FreeEnvironmentStringsW
LeaveCriticalSection
GetConsoleCP
BeginUpdateResourceW
GetCPInfo
UpdateResourceW
EndUpdateResourceW
GetTickCount
CreateFileA
LoadLibraryA
GetFileSize
InitializeCriticalSection
GetEnvironmentStringsW
GetLastError
Sections
.text Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ