08ff74d50f914a9f222b6b762b06be40_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08ff74d50f914a9f222b6b762b06be40_JaffaCakes118
Size

336KB
MD5

08ff74d50f914a9f222b6b762b06be40
SHA1

846361d4b75d46a3d5831b17e88adca8e0334e01
SHA256

f5db518164d577cac0567f26f7bd242bbd0c356b8eb2e42fc5da1b43f4366e7b
SHA512

676e8b34741cf8d5d4eb023759d5826223f94a916c29aac7ee730e810deaf8b6fbbd672cc0ff58b80c283c858fb3927109dc8adecb71984e4366dbf7fec1e033
SSDEEP

6144:n4AcRqxpLCHTa0l0T7dhAK6/vgr2v05XpTYM7DykG3gNfKk:4AcRqxAHW0l09/ivtI7DQZk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08ff74d50f914a9f222b6b762b06be40_JaffaCakes118

Files

08ff74d50f914a9f222b6b762b06be40_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8c4c078dc1c523eec5326d6aa1e87e2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
LCMapStringW
RtlUnwind
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GlobalFree
GetCurrentProcess
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
WriteFile
MultiByteToWideChar
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
CreateConsoleScreenBuffer
GetStdHandle
GlobalUnlock
HeapCreate
WriteConsoleOutputA
SizeofResource
Sleep
LoadLibraryW
GlobalAlloc
ReadConsoleOutputA
GlobalLock
GetTickCount
SetConsoleActiveScreenBuffer
GetACP
EnterCriticalSection
HeapAlloc
LoadResource
QueryPerformanceCounter
FindResourceA
FlushFileBuffers
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
SetLastError
EncodePointer
DecodePointer
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
IsProcessorFeaturePresent
HeapSize
GetProcAddress
GetModuleHandleW
ExitProcess
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

CheckMenuItem
LoadCursorA
FindWindowA
EndPaint
CloseClipboard
PostQuitMessage
FillRect
GetMenuItemID
DeleteMenu
GetParent
LoadIconA
GetClipboardFormatNameA
CreateMenu
SetFocus
SendMessageA
EnumClipboardFormats
BeginPaint
GetDC
GetCapture
GetForegroundWindow
SetRect
InvalidateRect
CreateWindowExA
ReleaseDC
DefWindowProcA
ShowWindow
AppendMenuA
GetMenuItemCount
OpenClipboard
IsWindowVisible
CountClipboardFormats
UpdateWindow

gdi32

LineTo
SetTextColor
GetDeviceCaps
GdiFlush
SetBkMode
DeleteObject
SelectObject
CreatePen
GetTextMetricsA
CreateSolidBrush
TextOutA
MoveToEx

winspool.drv

ClosePrinter

ole32

CreateStreamOnHGlobal

opengl32

glVertex3f
glBegin
glNormal3f
glEnd
glClear

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 193KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c4c078dc1c523eec5326d6aa1e87e2c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

ole32

opengl32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 193KB - Virtual size: 235KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 193KB - Virtual size: 235KB

.rsrc
Size: 17KB - Virtual size: 16KB