f08462d5091d968c07ef8746796b7e4e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f08462d5091d968c07ef8746796b7e4e_JaffaCakes118
Size

360KB
MD5

f08462d5091d968c07ef8746796b7e4e
SHA1

801d67ed9d04ba8b5d5ec300b2569921492269b9
SHA256

a3d7a1943211726bb5b23ec5e5f2e5fb2d9b24e49a27c10c2c6c526cb51eca1d
SHA512

a8d5b1d743ba9121945a6d9536f0ae9b186ee801de075157868157ac0e22335de93cf98676659b1532c46a590e454e69b9636de66515b1797ae7dbe292317c2e
SSDEEP

6144:uB1MREEZ+CkHFniPDwyVNBMf1F+LtG26+X1mzbImYC43yHYM+:uB1Sx70ONMFh26+XibImYCSKg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f08462d5091d968c07ef8746796b7e4e_JaffaCakes118

Files

f08462d5091d968c07ef8746796b7e4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6aeca42c8e5a0023cec9da307b9454d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\zmv\s

Imports

user32

SetMenuItemInfoW
CallMsgFilterA
GetWindowContextHelpId
MessageBoxExA
LookupIconIdFromDirectory
GetMenuItemID
EnumThreadWindows
DestroyAcceleratorTable
PeekMessageW
RegisterClassA
SetWinEventHook
DestroyWindow
DrawAnimatedRects
GetWindowModuleFileNameW
ClientToScreen
CharLowerW
MonitorFromRect
DdeCmpStringHandles
wvsprintfA
RemovePropW
ShowWindow
DrawStateA
RegisterClassExA
ShowCursor
MessageBoxW
GetKeyboardLayout
DefWindowProcA
CreateWindowExA
IsChild

kernel32

GetLastError
GetCommandLineA
GetProcAddress
CompareStringA
GetStringTypeA
ReadConsoleOutputA
InterlockedIncrement
WritePrivateProfileStructW
GetLocaleInfoW
SetHandleCount
TlsAlloc
IsValidCodePage
RtlUnwind
EnterCriticalSection
HeapSize
LockFileEx
TerminateProcess
GetCurrentThreadId
WritePrivateProfileStringA
LCMapStringW
VirtualAlloc
WriteFile
QueryPerformanceCounter
SetConsoleMode
LeaveCriticalSection
GetCurrentThread
AddAtomA
GetStdHandle
GlobalFix
InitializeCriticalSection
GetEnvironmentStringsW
GetACP
IsValidLocale
GetTimeZoneInformation
CreateMutexA
GetUserDefaultLCID
GetLocaleInfoA
MoveFileExW
GetVersionExA
FlushFileBuffers
LCMapStringA
GetFileType
VirtualQuery
FreeEnvironmentStringsA
LoadLibraryA
HeapFree
GetOEMCP
HeapReAlloc
CreateSemaphoreA
GetCommandLineW
GetTickCount
DeleteCriticalSection
SetLastError
SetVolumeLabelA
FreeEnvironmentStringsW
TlsFree
GetTimeFormatA
CloseHandle
HeapCreate
TransmitCommChar
SetLocalTime
GetStartupInfoA
MultiByteToWideChar
HeapDestroy
GetModuleFileNameA
VirtualQueryEx
EnumSystemLocalesA
GetStringTypeW
GetConsoleCP
IsBadWritePtr
ResetEvent
TlsSetValue
WideCharToMultiByte
ExitProcess
UnhandledExceptionFilter
CompareStringW
VirtualFree
SetEnvironmentVariableA
SetFilePointer
FreeLibraryAndExitThread
OpenMutexA
SetStdHandle
GetModuleHandleA
GetCPInfo
CreatePipe
GetCurrentProcess
GetSystemInfo
GetEnvironmentStrings
HeapAlloc
GetDateFormatA
GetCurrentProcessId
ReadFile
GetSystemTimeAsFileTime
VirtualAllocEx
CreateEventW
VirtualProtect
InterlockedExchange
SetEvent
TlsGetValue

comctl32

ImageList_LoadImageW
CreatePropertySheetPageA
DrawStatusTextA
InitCommonControlsEx
ImageList_GetFlags
ImageList_SetFilter
ImageList_SetFlags
ImageList_Copy

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aeca42c8e5a0023cec9da307b9454d7

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 144KB - Virtual size: 141KB

.rdata Size: 92KB - Virtual size: 88KB

.data Size: 100KB - Virtual size: 119KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 144KB - Virtual size: 141KB

.rdata
Size: 92KB - Virtual size: 88KB

.data
Size: 100KB - Virtual size: 119KB

.rsrc
Size: 20KB - Virtual size: 16KB