8b6c087ce23acbe5540e2e799e215010_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8b6c087ce23acbe5540e2e799e215010_JaffaCakes118
Size

346KB
MD5

8b6c087ce23acbe5540e2e799e215010
SHA1

6f4d9a8e3fb4dcc9e71ac88a2042f86873ba9593
SHA256

26b61a616d9ff0fc7e76c5c5d5058b6a05eec82c16b8206b0a3f057e82e23e71
SHA512

31a76bf4230f2683d768917c172a12f898f309cef4dae9087aecf6f70b66a32c6de2b79c66564db0661901306d0cef029446be0f337479a756d9ff656512228d
SSDEEP

6144:ltdN0c+xadEDmU5JXN4/6/1B4fAd9r+KJQlStcZeNtC/ZfyBeNPTfW:rD0c+0EjX4/6/1B4fAd9KKJ6fIORqkNy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b6c087ce23acbe5540e2e799e215010_JaffaCakes118

Files

8b6c087ce23acbe5540e2e799e215010_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9ad2237af2feb02517600870b5e5eb9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
SetActiveWindow
LoadBitmapW
GetSysColorBrush
GetNextDlgTabItem
GetAsyncKeyState
DrawFocusRect
EqualRect
NotifyWinEvent
DestroyCursor
SetRectEmpty
RedrawWindow
GetParent
IsWindowVisible
SetWindowPos
SetParent
ClientToScreen
AppendMenuW
CreatePopupMenu
KillTimer
GetFocus
SetCapture
ReleaseCapture
SetCursor
ScreenToClient
GetCursorPos
ExitWindowsEx
OffsetRect
EnumChildWindows
FindWindowW
SetWindowTextW
GetWindowLongW
GetClassNameW
EnableMenuItem
GetSystemMenu
SetTimer
SetForegroundWindow
PostMessageW

shell32

ShellExecuteW
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExW

oledlg

OleUIBusyW

comctl32

InitCommonControlsEx

shlwapi

PathIsRootW
PathIsUNCW
PathAppendW
PathFindFileNameW
PathFileExistsW
PathStripToRootW
PathFindExtensionW
PathAddBackslashW

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
HeapSize
SetFilePointer
ReadFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
CreateFileA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
RaiseException
HeapReAlloc
HeapAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryA
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
LCMapStringA
WideCharToMultiByte
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
VirtualAlloc
MoveFileExA
IsBadReadPtr
ReleaseSemaphore
GetUserDefaultUILanguage
UnregisterWaitEx
SetConsoleCursorInfo
LoadResource
FatalExit
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeZoneInformation
GetProcAddress
GetModuleHandleA
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 76.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ad2237af2feb02517600870b5e5eb9b

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

oledlg

comctl32

shlwapi

kernel32

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 6KB - Virtual size: 76.4MB

.rsrc Size: 251KB - Virtual size: 250KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 6KB - Virtual size: 76.4MB

.rsrc
Size: 251KB - Virtual size: 250KB