f60c709ac3bef8e7eae67b6e185dcad6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f60c709ac3bef8e7eae67b6e185dcad6_JaffaCakes118
Size

152KB
MD5

f60c709ac3bef8e7eae67b6e185dcad6
SHA1

001100a060cb90bb76498407e819886415c1ea99
SHA256

e70083e31b603698132ace49d0d1da8a1ce3cf0f18f319f8df01046949daae12
SHA512

0b6dda5a499f1c74535e3285d5adc44a5704f29c2f5f81a02b343317609d2b538a351e206b8667b06ad7d65c3940d351de921fb28d7a46feb67794060992d752
SSDEEP

3072:sbYu9fjXBaTbRtfG2aU6xghJzaD51r5h5S7W02h/d329LHVER:gYu9fbBaHvG2ToghJgrzE7ydk2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f60c709ac3bef8e7eae67b6e185dcad6_JaffaCakes118

Files

f60c709ac3bef8e7eae67b6e185dcad6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0d25f020843ee35101b18f51cbaba7b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetEnvironmentStrings
GetStdHandle
GetTempFileNameA
GetProcessHeap
SetHandleCount
TlsFree
SizeofResource
IsValidCodePage
LCMapStringA
CreateFileA
DuplicateHandle
TerminateProcess
LoadResource
GetCurrentProcessId
VirtualQuery
WaitForSingleObject
SetProcessAffinityMask
VirtualProtect
WaitForMultipleObjects
GetLocalTime
GlobalAlloc
GetDriveTypeA
LoadLibraryA
DeleteCriticalSection
InterlockedIncrement
CloseHandle
FindFirstFileA
MapViewOfFileEx
GetCPInfo
InterlockedExchange
lstrlenW
Sleep
FileTimeToSystemTime
GetFullPathNameA
GetCurrentThreadId
CreateFileMappingW
SetThreadLocale
RaiseException
GetFileAttributesA
GetTimeZoneInformation
GetSystemDefaultLangID
GetLocaleInfoA
SetConsoleCtrlHandler
GlobalLock
GetCommandLineA
DeleteFileA
GetStartupInfoA
InterlockedDecrement
GetOEMCP
UnhandledExceptionFilter
HeapAlloc
GetFileType
GetModuleHandleA
WriteFile
VirtualAlloc
SwitchToThread
GetCurrentProcess

user32

IsWindow
EnableWindow
OffsetRect
SendMessageA
GetKeyboardState
EndPaint
EnumThreadWindows
CallNextHookEx
DestroyCaret
GetForegroundWindow
SetWindowLongA
GetKeyState
ClientToScreen
ScreenToClient
SystemParametersInfoA
PostMessageA
SetCaretPos
CreateCaret
GetSystemMenu
IntersectRect
SetParent
MessageBoxA
EnumChildWindows
InvalidateRect
GetWindowRect
IsWindowVisible
LoadIconA
BeginPaint
ShowCaret
SetForegroundWindow
DestroyWindow

ole32

OleUninitialize
DoDragDrop

savecmsg

_Stold
_Denorm
_Stod
_Hugeval
_LDenorm
_Xbig
_LNan
_Poly
_FEps
_FDscale
_Toupper
_Dnorm
_LExp
_FDenorm
_LXbig
_LDscale
_FXbig
_Wcrtomb
_FSnan
_Nan
_Snan
_Strcoll
_Exp
_Getcoll
_LSnan
_Dtest
_LRteps
_FDnorm

comctl32

PropertySheetA
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_DragLeave

gdi32

GetStockObject
GetTextExtentPoint32W
GetDCOrgEx
SelectObject
SelectClipRgn
SetTextColor
GetTextExtentPoint32A
SetBkColor
GetTextColor
ExtTextOutW

shell32

SHBrowseForFolderA

Sections

.text
Size: 144KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d25f020843ee35101b18f51cbaba7b6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

savecmsg

comctl32

gdi32

shell32

Sections

.text Size: 144KB - Virtual size: 148KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 148KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB