c8324705e3145e91b6b87e590dce2aa5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c8324705e3145e91b6b87e590dce2aa5_JaffaCakes118
Size

320KB
MD5

c8324705e3145e91b6b87e590dce2aa5
SHA1

c057158221893e390d0249754029b93e9e1fa0e6
SHA256

9cc3e32de02b8a2cbe66548ee81effc79e406a292165853bb72cb3474ccd91e9
SHA512

8c4b9077bf39620c722fe3b5bb703e87d57b0a9cba00faa0f48ada020663a0e8483f34fd6dc461e1bc8662aa5dc13b0e75b482e416f35c4f86f7959b2c3e3a8e
SSDEEP

6144:ePr/+DP4MFcqLsHRrynUZrKZy4hGMbchi/nLUasE7+9ZZeXIeH8/pc:eKDP4MFlMyUZrinbchi/LUa69ZZeXIeb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8324705e3145e91b6b87e590dce2aa5_JaffaCakes118

Files

c8324705e3145e91b6b87e590dce2aa5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

831b9fc2e6ccefd463893cca070b7fa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
ControlService
CreateServiceA
CryptSignHashA
DeregisterEventSource
ImpersonateNamedPipeClient
InitializeSecurityDescriptor
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegCloseKey
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
RegisterEventSourceA
ReportEventA
RevertToSelf
SetSecurityDescriptorDacl
StartServiceA
RegEnumKeyExW
RegOpenKeyExW
RegisterEventSourceW
ReportEventW

gdi32

PlayMetaFile
ResetDCW
SetMiterLimit
EnumFontFamiliesA

kernel32

CloseHandle
CompareStringA
CreateConsoleScreenBuffer
CreateEventA
CreateFileA
CreateNamedPipeA
DeviceIoControl
DisconnectNamedPipe
EnterCriticalSection
FormatMessageA
FormatMessageW
FreeLibrary
FreeUserPhysicalPages
GetDriveTypeA
GetDriveTypeW
GetFileAttributesA
GetFileAttributesExA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOverlappedResult
GetProcAddress
GetSystemDirectoryA
GetVersionExA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LocalAlloc
ReadFile
ResetEvent
SetEvent
SetFileAttributesA
Sleep
TerminateThread
Toolhelp32ReadProcessMemory
VirtualAllocEx
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
VirtualAlloc
CreateThread
ExitThread
GlobalAlloc
GlobalLock
GlobalSize
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
LocalFree
MulDiv
lstrlenW
ExitProcess
LoadResource
FindResourceA
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
GetSystemInfo
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetCommandLineA
GetStartupInfoA

ole32

ReleaseStgMedium
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleQueryLinkFromData
HENHMETAFILE_UserSize

oleaut32

SafeArrayRedim
VarDecFromCy
VarR8FromUI4
VariantChangeType
VarDateFromUI1

rpcrt4

NdrServerMarshall
RpcBindingSetAuthInfoExA
RpcServerInqIf
NdrVaryingArrayBufferSize

user32

GetDlgItemTextW
GetFocus
GetMenu
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuStringW
GetParent
GetSubMenu
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
InflateRect
InsertMenuW
IsChild
IsWindow
IsWindowEnabled
IsWindowVisible
LoadCursorW
LoadMenuW
LoadStringW
MapWindowPoints
PostMessageW
GetDlgItem
ScreenToClient
SendMessageW
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenu
SetMenuDefaultItem
SetMenuItemInfoW
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
TrackPopupMenu
WinHelpW
wsprintfW
DefWindowProcW
DdeInitializeW
CreatePopupMenu
CreateMenu
ChildWindowFromPoint
CheckMenuRadioItem
CheckMenuItem
wsprintfA
keybd_event
GetLastInputInfo
CharUpperA
GetDlgCtrlID
GetClientRect
GetAsyncKeyState
EnableWindow
EndDeferWindowPos
EnableMenuItem
DrawMenuBar
DestroyMenu
DestroyIcon
PostThreadMessageW
DeleteMenu

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

831b9fc2e6ccefd463893cca070b7fa3

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 4KB - Virtual size: 2KB