bf8e4f11e173fcd8068b801a23f5a437_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf8e4f11e173fcd8068b801a23f5a437_JaffaCakes118
Size

360KB
MD5

bf8e4f11e173fcd8068b801a23f5a437
SHA1

92b0ad594861d27e9eea7753066e5806cb5463a9
SHA256

ebb32ec8fd71d29935bdc5a4222108bc770a8a1a1fcff8e77430fb33ff1ee26a
SHA512

0664d919bb5ab9ca4ba783738574df2443780dccd4fc13254852560061c5cbb7a3a96ec64df31205aa2b10095b1876df6117da4409e3afcb359fe137902840f9
SSDEEP

6144:Ao240Y9itQO2RKmvZhtALCTNFgTqLrIRjxpXRaQF5m6Orpe6YusIib:z240Y9QQO2LBjOCTNF4hRDnm1rpeDzI8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf8e4f11e173fcd8068b801a23f5a437_JaffaCakes118

Files

bf8e4f11e173fcd8068b801a23f5a437_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c714aab10d73a9a02d2f94d751d736d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\mivaerbyp\ohvb\uxo\hpe\etoakeecan\sncxqxze.pdb

Imports

kernel32

HeapAlloc
TlsSetValue
WriteConsoleW
GetConsoleMode
LoadLibraryA
GetCPInfo
GetUserDefaultLCID
CreateFileA
IsValidLocale
CloseHandle
CreateEventW
GetConsoleOutputCP
GetOEMCP
GetModuleHandleA
GetVersionExA
ReadConsoleA
SetHandleCount
GetCurrentProcess
InterlockedDecrement
GetMailslotInfo
GetCurrentThreadId
GetStdHandle
SetEnvironmentVariableA
VirtualProtect
ReadFile
GetStringTypeA
CreateMutexA
GetDateFormatA
GetNamedPipeInfo
VirtualAlloc
EnterCriticalSection
UnhandledExceptionFilter
CreateFileMappingA
GetSystemTimeAsFileTime
GetACP
FreeEnvironmentStringsW
LCMapStringA
LCMapStringW
GetLastError
lstrlenW
WideCharToMultiByte
InterlockedIncrement
HeapReAlloc
GetLocaleInfoW
GetCommandLineA
QueryPerformanceCounter
WriteFile
SetLastError
SetConsoleCtrlHandler
HeapDestroy
OpenMutexA
GetTickCount
GetStringTypeW
Sleep
CompareStringA
GetDiskFreeSpaceExA
GetTimeFormatA
InterlockedExchange
FindResourceA
GetEnvironmentStrings
CreateNamedPipeA
GetConsoleCP
EnumSystemLocalesA
GetStartupInfoA
RtlUnwind
TlsGetValue
CompareStringW
GetEnvironmentStringsW
ExitProcess
GetTimeZoneInformation
VirtualFree
GetPrivateProfileSectionW
SetStdHandle
InitializeCriticalSection
HeapCreate
HeapSize
GetCurrentThread
VirtualQuery
DeleteCriticalSection
TerminateProcess
GetProfileSectionA
IsDebuggerPresent
HeapFree
LeaveCriticalSection
GetStringTypeExA
GetCurrentProcessId
FreeLibrary
GetProcessHeap
GetProcAddress
IsValidCodePage
FlushFileBuffers
SetFilePointer
GetModuleFileNameA
FreeEnvironmentStringsA
TlsAlloc
WriteConsoleA
WaitNamedPipeA
GetFileType
GetLocaleInfoA
SetUnhandledExceptionFilter
TlsFree
MultiByteToWideChar

advapi32

InitiateSystemShutdownA
CryptAcquireContextA
LookupSecurityDescriptorPartsW
RegSaveKeyW
CryptEnumProviderTypesA
CryptImportKey
CryptEnumProviderTypesW
CryptDestroyKey
CryptSetProviderExA
RegSetValueExA
RegCreateKeyA
RegRestoreKeyA
StartServiceW

comctl32

GetEffectiveClientRect
DrawInsert
CreateUpDownControl
CreatePropertySheetPage
CreateMappedBitmap
ImageList_Remove
InitMUILanguage
ImageList_SetFilter
DrawStatusText
ImageList_LoadImage
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_Add
ImageList_SetDragCursorImage
CreateToolbar
ImageList_Replace
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_SetFlags
ImageList_SetImageCount
ImageList_LoadImageW
ImageList_EndDrag
ImageList_Write
InitCommonControlsEx
ImageList_DragLeave

user32

EnumDisplaySettingsExA
SetWindowsHookExA
RegisterClassExA
DefWindowProcA
InSendMessageEx
MessageBoxW
CreateWindowExA
GetMenuItemInfoA
FlashWindowEx
PeekMessageW
GetDialogBaseUnits
IsCharUpperW
DestroyWindow
CharToOemBuffA
GetSystemMenu
LoadIconW
MessageBoxA
SetParent
LoadCursorFromFileA
RegisterClassA
ShowWindow
LookupIconIdFromDirectory
CharUpperW

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c714aab10d73a9a02d2f94d751d736d

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

comctl32

user32

Sections

.text Size: 152KB - Virtual size: 148KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 92KB - Virtual size: 99KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 152KB - Virtual size: 148KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 92KB - Virtual size: 99KB

.rsrc
Size: 36KB - Virtual size: 32KB