c8a5b34cd0a42dbb9f284f5350bb03cd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c8a5b34cd0a42dbb9f284f5350bb03cd_JaffaCakes118
Size

356KB
MD5

c8a5b34cd0a42dbb9f284f5350bb03cd
SHA1

c12de001cfc59513b8858078abe08d51e0e42c95
SHA256

c3f43692836e337d0311a88ff20aa0520dd4a028e1041e762ab841c64475d21f
SHA512

ef194832ce751216d191523b8a0a84ddab3c3aa8f435b3981c5ef10500c46b6f2f0b8f523e86c9c017324ca964133ba681d9cf3b54cbb6a55028d2e2ae371a13
SSDEEP

6144:UU+pz5SuZygpcgl4O+/RIx4j7mtSC9pPE4GhxdBHZTbLQD0V5EDwx414b6:UU45SuZygKhO+2RpPEnPDQDUiwx4W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8a5b34cd0a42dbb9f284f5350bb03cd_JaffaCakes118

Files

c8a5b34cd0a42dbb9f284f5350bb03cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b33ec48dcb72400a376e3f8e8c8eabe0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteAtom
FindAtomA
GetLastError
DeleteFileA
CreateThread
WriteFile
ReadConsoleA
GetConsoleMode
GetFileSize
CreateProcessA
GetCPInfo
OpenFileMappingA
GlobalFree
DeleteFileW
CopyFileExW
CopyFileA
FindFirstFileA
ReadFile
CopyFileExA
ExitThread
CopyFileW
GetComputerNameA
GetComputerNameA
CreateDirectoryA
FindFirstFileA
CreateProcessA
FindAtomA
GetConsoleMode
CopyFileA
GetFileSize
GetStdHandle
DeleteAtom
OpenFile
GetFileTime
CopyFileExA
CopyFileExW

advapi32

RegEnumValueA
RegOpenKeyA
RegDeleteKeyW
RegQueryInfoKeyW
RegGetKeySecurity
RegDeleteValueW
RegCreateKeyW
RegReplaceKeyA
RegOpenKeyExW
RegLoadKeyW
RegEnumKeyA
RegLoadKeyA
RegDeleteKeyA
RegCreateKeyExW
RegFlushKey
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyW
RegQueryValueA
RegOpenKeyExA

user32

LoadCursorA
GetWindowTextLengthA
GetFocus
GetWindowTextA
DialogBoxParamA
DrawTextW
CopyImage
GetDlgItem
EndDialog
GetMenu
CopyIcon
CreateIcon
LoadMenuA
AppendMenuA
DrawIconEx
CalcMenuBar
DrawIcon
IsMenu

comctl32

ImageList_LoadImageA
ImageList_Copy
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Read
ImageList_Create
ImageList_DrawEx
ImageList_DragEnter
InitCommonControls
ImageList_GetIcon
ImageList_GetImageRect
ImageList_LoadImageW

gdi32

CopyMetaFileA
AddFontResourceA
BitBlt
RestoreDC
DeleteObject
ExtTextOutA
CreateSolidBrush
AbortPath
CancelDC
BeginPath
GetPixel
SetTextColor
ExcludeClipRect
CloseMetaFile
ClearBitmapAttributes
AddFontResourceExW
AddFontResourceW
GetPixel
AddFontResourceExA
CloseFigure
ClearBitmapAttributes
BeginPath
BitBlt
CloseMetaFile
CreateSolidBrush
SetTextColor
RestoreDC
AbortPath
AddFontResourceA
GetCurrentPositionEx
CancelDC
ExtTextOutA
CopyMetaFileA
GetBitmapBits
ExcludeClipRect
AddFontResourceExW

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 307B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b33ec48dcb72400a376e3f8e8c8eabe0

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comctl32

gdi32

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 291KB - Virtual size: 290KB

.bbs Size: - Virtual size: 232KB

.idata Size: 5KB - Virtual size: 4KB

.tls Size: - Virtual size: 307B

.rdata Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 72KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 291KB - Virtual size: 290KB

.bbs
Size: - Virtual size: 232KB

.idata
Size: 5KB - Virtual size: 4KB

.tls
Size: - Virtual size: 307B

.rdata
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 72KB