dbbc8dc497ffe39b19b967cfd3325269_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbbc8dc497ffe39b19b967cfd3325269_JaffaCakes118
Size

344KB
MD5

dbbc8dc497ffe39b19b967cfd3325269
SHA1

8d0a213cce7cbe83ae4341629d36a8b7b1962906
SHA256

10267e198eed08f01393bc3a75987408ebf9b2768f2f815d9f62be36475954c6
SHA512

6de001920d93b17286a4fc068fff620546906d23a664da6078c24fa6c4152c8d92f1db74176cabff197b89267a360ff8755ff3b3373c0bb21808e9fab9e81a3c
SSDEEP

6144:8iqwnfGJh8XUMg4AgQlIaXaR5d0vBg2MPWLn+3Ukz/aZ+WP:8iPfOHMWgSIaX2T2DLn+37eP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbbc8dc497ffe39b19b967cfd3325269_JaffaCakes118

Files

dbbc8dc497ffe39b19b967cfd3325269_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00323586feaaf6aa942518e16159341c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHQueryRecycleBinA
DragFinish
SHGetFileInfoW
SHGetInstanceExplorer

comctl32

CreateUpDownControl
ImageList_DragEnter
ImageList_SetBkColor
ImageList_Read
ImageList_Add
ImageList_Draw
CreateStatusWindow
InitCommonControlsEx
MakeDragList

kernel32

HeapCreate
DeleteCriticalSection
RtlUnwind
ExitProcess
GetVersionExA
GetStartupInfoA
SetEnvironmentVariableA
SetConsoleTextAttribute
OpenMutexA
SetLocaleInfoA
GetExitCodeThread
TlsGetValue
GlobalUnfix
SetConsoleWindowInfo
SetFilePointer
TlsSetValue
FillConsoleOutputCharacterA
EnumSystemCodePagesW
GetStringTypeA
TlsFree
MultiByteToWideChar
FlushFileBuffers
IsBadWritePtr
HeapFree
GetCurrentProcess
WideCharToMultiByte
CompareStringW
lstrcmp
LoadLibraryA
GetStdHandle
WriteConsoleW
EnumSystemCodePagesA
TerminateProcess
GetProcAddress
GetACP
GetLocaleInfoA
GetCurrentThread
HeapReAlloc
IsValidLocale
RtlZeroMemory
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetLocaleInfoW
GetSystemInfo
GetCurrentThreadId
CreateMutexA
GetEnvironmentStringsW
GetStringTypeW
GetDateFormatA
LCMapStringW
GetDiskFreeSpaceW
GetTickCount
VirtualAlloc
WriteConsoleOutputCharacterA
InitializeCriticalSection
CloseHandle
UnhandledExceptionFilter
GetTimeZoneInformation
GetTempFileNameA
GetModuleHandleA
GetEnvironmentStrings
GetCurrentProcessId
OpenFile
HeapDestroy
GetUserDefaultLCID
MoveFileA
VirtualProtect
FreeEnvironmentStringsA
GlobalUnlock
IsValidCodePage
EnterCriticalSection
CompareStringA
VirtualFree
SetStdHandle
SetLastError
GetOEMCP
GetCPInfo
EnumSystemLocalesA
GetTimeFormatA
ReadFile
QueryPerformanceCounter
LCMapStringA
LeaveCriticalSection
GetCurrencyFormatA
GetLastError
TlsAlloc
SetHandleCount
GetFileType
FreeEnvironmentStringsW
LockResource
VirtualQuery
GetCommandLineA
HeapAlloc
HeapSize
WriteFile
InterlockedExchange
GetModuleFileNameA

user32

LoadCursorFromFileA
DdeCreateStringHandleA
ExitWindowsEx
MessageBoxA
MessageBeep
RegisterClassExW
ArrangeIconicWindows
GetMenuState
UnhookWinEvent
IsWindowVisible
BroadcastSystemMessage
RealGetWindowClass
TranslateMDISysAccel
ScrollDC
LoadStringA
CharPrevW
GetClipboardFormatNameW
LoadImageA
RegisterClassA
MessageBoxExW
RegisterClassExA
CreateIconFromResource
ModifyMenuW
OpenIcon

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00323586feaaf6aa942518e16159341c

Headers

File Characteristics

Imports

shell32

comctl32

kernel32

user32

Sections

.text Size: 224KB - Virtual size: 223KB

.rdata Size: 17KB - Virtual size: 29KB

.data Size: 90KB - Virtual size: 90KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 224KB - Virtual size: 223KB

.rdata
Size: 17KB - Virtual size: 29KB

.data
Size: 90KB - Virtual size: 90KB

.rsrc
Size: 12KB - Virtual size: 11KB