b8c263e9563fa2db52359abaeb8d9bce_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b8c263e9563fa2db52359abaeb8d9bce_JaffaCakes118
Size

259KB
MD5

b8c263e9563fa2db52359abaeb8d9bce
SHA1

ad60b3a743d63ca9412ebe67e5140915b8924472
SHA256

d47c3e9ac4c392d7c7eb3bd2ae01537393a220bf095ac3fd6171cdcc243223ec
SHA512

2294afee63ff16fb73dd459f039ad296cf9d5d4105b47c49a132f3b584a433b13158c369e101f5a9c472c65bbe4a41f86301a8c1a88eec19ae8892db9feb2164
SSDEEP

6144:f3KTr5E10C7m8smMRRaVQVKG1uppvxZq6+rqdytu+Kc:vgaV7mnrRaRyW5IJed3xc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8c263e9563fa2db52359abaeb8d9bce_JaffaCakes118

Files

b8c263e9563fa2db52359abaeb8d9bce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9140e96f7071385bc85addcd58b5c7af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
lstrcmpW
GetModuleHandleW
GlobalAlloc
LocalFree
MulDiv
SetErrorMode
lstrlenW
Beep
ExpandEnvironmentStringsA
GetWindowsDirectoryW
GetProcessHeap
FreeLibrary
FindResourceW
LoadResource
SetUnhandledExceptionFilter
RaiseException
lstrlenA
GlobalFindAtomW
GetModuleHandleA
TlsAlloc
LocalAlloc
CreateEventW
GlobalDeleteAtom
GetCurrentThreadId
lstrcmpA
GetProcAddress

user32

GetForegroundWindow
SetActiveWindow
GetTopWindow
TrackPopupMenu
SetMenu
GetScrollPos
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SetFocus
DefWindowProcW
WinHelpW
CopyRect
GetMenu
GetSubMenu
GetMenuItemCount
SetWindowLongW
SetWindowPos
IsIconic
GetCapture
SetCapture
GetDesktopWindow
SendDlgItemMessageA
SendDlgItemMessageW
LoadIconW
RegisterWindowMessageW
IsWindow
GetMenuItemID
AppendMenuW
CopyIcon
GetIconInfo
GetMenuState
PostQuitMessage
PostMessageW
CheckMenuItem
IsDlgButtonChecked
MoveWindow
ShowWindow
DestroyIcon
DestroyMenu
CreatePopupMenu
InvalidateRect
EndDialog
CreateDialogIndirectParamW
SetTimer
MessageBeep
EnableMenuItem
SendMessageW
GetFocus
LoadBitmapW
SetWindowTextW
UnregisterClassW
LoadCursorW
GetSystemMetrics
GetSysColor
GetSysColorBrush
LoadImageW
EnableWindow
MessageBoxW
SetCursor
GetMessageW
GetActiveWindow
GetKeyState
PeekMessageW
GetCursorPos

gdi32

CreateBitmap
DeleteObject
CreatePatternBrush
CreateCompatibleDC
GetStockObject
CreatePen
CreateSolidBrush
CreateFontIndirectW
CreatePalette

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

GetUserNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExA
LookupAccountSidW
GetTokenInformation
CreateProcessAsUserW
SetSecurityInfo
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetSecurityDescriptorDacl
GetSecurityInfo
RegQueryValueExA

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantInit
VariantChangeType
VariantClear

winmm

sndPlaySoundW

samlib

SamOpenAlias
SamCloseHandle
SamCreateGroupInDomain
SamSetSecurityObject
SamiLmChangePasswordUser
SamQuerySecurityObject
SamDeleteUser

iprtrmgr

StartRouter

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.h
Size: 3KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vYZjsW
Size: 3KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qD
Size: 3KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KZw
Size: 3KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HciYY
Size: 104KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ohBA
Size: 1024B - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.M
Size: 106KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9140e96f7071385bc85addcd58b5c7af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

winmm

samlib

iprtrmgr

Sections

.text Size: 18KB - Virtual size: 17KB

.h Size: 3KB - Virtual size: 128KB

.vYZjsW Size: 3KB - Virtual size: 47KB

.qD Size: 3KB - Virtual size: 396KB

.rdata Size: 4KB - Virtual size: 17KB

.KZw Size: 3KB - Virtual size: 429KB

.HciYY Size: 104KB - Virtual size: 173KB

.ohBA Size: 1024B - Virtual size: 181KB

.data Size: 8KB - Virtual size: 73KB

.M Size: 106KB - Virtual size: 193KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 18KB - Virtual size: 17KB

.h
Size: 3KB - Virtual size: 128KB

.vYZjsW
Size: 3KB - Virtual size: 47KB

.qD
Size: 3KB - Virtual size: 396KB

.rdata
Size: 4KB - Virtual size: 17KB

.KZw
Size: 3KB - Virtual size: 429KB

.HciYY
Size: 104KB - Virtual size: 173KB

.ohBA
Size: 1024B - Virtual size: 181KB

.data
Size: 8KB - Virtual size: 73KB

.M
Size: 106KB - Virtual size: 193KB

.rsrc
Size: 3KB - Virtual size: 3KB