eb8aced993da7b5da70bcabc0738624c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb8aced993da7b5da70bcabc0738624c_JaffaCakes118
Size

512KB
MD5

eb8aced993da7b5da70bcabc0738624c
SHA1

b39858587621f105d08d98e0bfea500805eedcd4
SHA256

2c254562143d68f659bd9c77711d7357b051c2af755e8b8014eba5c60532db5e
SHA512

4f94f2c99968704de3ccbf64175a89ebb6fb5f231ad8e80d48ca09a1a21cc51a0c583f302127792ef96c998d996aed66708b559c3be35ae5f779658e2eaf50ea
SSDEEP

12288:L/FPfyqE0agcs+ndwap1MESuazEuI20QN:LhYPs+ndweJazEuI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb8aced993da7b5da70bcabc0738624c_JaffaCakes118

Files

eb8aced993da7b5da70bcabc0738624c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb9d00b019eb359110536a3663dbd607

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
GetVersion
FindResourceExW
SetHandleCount
GetPrivateProfileStringW
GetTapeStatus
FormatMessageW
CreatePipe
GetSystemDefaultLangID
SetConsoleOutputCP
CreateIoCompletionPort
GetLocaleInfoW
EnumDateFormatsW
GlobalFindAtomW
WriteProcessMemory
CompareStringW
FreeLibraryAndExitThread
PeekConsoleInputW
DebugBreak
WaitNamedPipeA
WritePrivateProfileSectionW
GetLargestConsoleWindowSize
GlobalFlags
OpenMutexA
FindNextChangeNotification
SetMailslotInfo
EnumResourceNamesA
SuspendThread
GetCommState
GetDateFormatA
ScrollConsoleScreenBufferA
GetTempPathW
VirtualProtect
GetOverlappedResult
SetCurrentDirectoryA
_lopen
PrepareTape
ClearCommBreak
Beep
ReadDirectoryChangesW
EndUpdateResourceA
ExitThread
GlobalFindAtomA
lstrcpynA
DosDateTimeToFileTime
CreateDirectoryA
WriteConsoleOutputW
WritePrivateProfileStructA
EnumCalendarInfoA
GetVolumeInformationW
GetTapeParameters
WritePrivateProfileSectionA
_lread
EnumTimeFormatsW
DeleteFiber
lstrcmpiA
GlobalFree
VirtualFree
GetProfileStringA
DeleteCriticalSection
GlobalGetAtomNameW
GetLogicalDriveStringsA
RemoveDirectoryW
WritePrivateProfileStringA
RemoveDirectoryA
GetFileAttributesA
GetFileType
GetFullPathNameA
GetAtomNameA
SetProcessWorkingSetSize
OpenFile
SetCommTimeouts
RaiseException
GetCommandLineA
VirtualAlloc
VirtualUnlock
ExitProcess

user32

SendInput
LoadMenuIndirectA
SendMessageW
DrawEdge
GetKeyNameTextW
SetScrollInfo
EnableMenuItem
CharLowerBuffW
ToAscii
MessageBoxA
SendDlgItemMessageW
DialogBoxParamW
GetQueueStatus
GetClipboardSequenceNumber
ChangeDisplaySettingsExA
FindWindowA
LoadMenuIndirectW
EnumDesktopsW
CharToOemW
ChildWindowFromPointEx
TranslateMDISysAccel
GetClassInfoA
EnumDisplaySettingsW
ShowCaret
IsCharAlphaNumericW
UnionRect
GetMonitorInfoA
IsWindow
UnregisterDeviceNotification
DrawStateA
PostThreadMessageW
CreateAcceleratorTableA
ShowScrollBar
GetWindowTextLengthA
OemKeyScan
GetSysColorBrush
IsRectEmpty
IsCharUpperW
SwitchToThisWindow
EnumDisplayDevicesW
GetMessageExtraInfo
ToUnicodeEx
OpenDesktopA
DestroyAcceleratorTable
SetClassLongW

gdi32

MoveToEx
GetNearestPaletteIndex
InvertRgn
RestoreDC
SetRectRgn
RoundRect
ChoosePixelFormat
DeleteEnhMetaFile
GetTextFaceW
OffsetWindowOrgEx
GetTextAlign
GetClipBox
GetPixel
DeleteObject
BitBlt
CreatePalette
GetPixelFormat
TranslateCharsetInfo
EnumFontsA
CloseMetaFile

comdlg32

PageSetupDlgW
GetOpenFileNameA

advapi32

RegEnumKeyW
EnumDependentServicesW
RegNotifyChangeKeyValue
GetTokenInformation
AccessCheckAndAuditAlarmW
CryptDeriveKey
CryptHashData

shell32

SHAddToRecentDocs
Shell_NotifyIconW
SHChangeNotify
FindExecutableW
SHFileOperationA
ShellExecuteA

ole32

CoRegisterClassObject

oleaut32

QueryPathOfRegTypeLi
SysAllocStringLen
SafeArrayRedim
SafeArrayGetLBound
VariantCopy
LoadTypeLi
VariantChangeType
SafeArrayUnaccessData

shlwapi

StrCmpLogicalW
PathUndecorateW
PathIsPrefixW
StrPBrkW
StrCmpNW
PathQuoteSpacesA
PathGetDriveNumberA
StrDupA
PathFileExistsA
PathRemoveBlanksW
StrFormatByteSizeA

Sections

ckiyu
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

icqouou
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

woysew
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mqkicg
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb9d00b019eb359110536a3663dbd607

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

ckiyu Size: 4KB - Virtual size: 3KB

icqouou Size: 8KB - Virtual size: 4KB

woysew Size: 260KB - Virtual size: 256KB

mqkicg Size: 12KB - Virtual size: 11KB

ckiyu
Size: 4KB - Virtual size: 3KB

icqouou
Size: 8KB - Virtual size: 4KB

woysew
Size: 260KB - Virtual size: 256KB

mqkicg
Size: 12KB - Virtual size: 11KB