f6ee284a05998b633602541d0f93e165_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f6ee284a05998b633602541d0f93e165_JaffaCakes118
Size

668KB
MD5

f6ee284a05998b633602541d0f93e165
SHA1

5f5f7f5809acd2b1b5de14caeace58708ddd913e
SHA256

5d871eb9d73e30c1ddfaeb86cc84ebf367bf45e817aa978d98dc00d40392bf55
SHA512

065b787dc7c0d4a7a06277062da880df237113a44779f6a8a1f19d391ec8f0f34ca38842b5778f5c00262aaee09a9b4c830dae8b2fee063cf9fb1b746be0bf49
SSDEEP

12288:9nXY73J9jSyUHL68wI/d//unPm1MZNllAds2lo9il7qn1QlqbX1jDlcD2dI:CrjKHW8//unLZMsRilmnLBO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6ee284a05998b633602541d0f93e165_JaffaCakes118

Files

f6ee284a05998b633602541d0f93e165_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26d9944ba77d3911361f5d35adb7e2c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\tuyqej\feokp\ewljlvf\e

Imports

user32

SetWinEventHook
RegisterClassA
VkKeyScanExW
DefDlgProcA
SetMenuItemBitmaps
DlgDirSelectComboBoxExW
MsgWaitForMultipleObjects
GetWindowTextW
OpenInputDesktop
CheckRadioButton
GetDlgCtrlID
InsertMenuItemW
CreateIconIndirect
RegisterClassExA
EnumDesktopsW
DdeAddData

kernel32

GetModuleHandleA
TlsFree
EnumDateFormatsExW
CreateMutexA
GetCPInfo
WriteConsoleA
VirtualAlloc
HeapFree
InterlockedExchange
lstrlenA
SetStdHandle
GetEnvironmentStringsW
IsDebuggerPresent
GetFileType
GetStringTypeA
GetCommandLineA
GetDateFormatA
VirtualQuery
RaiseException
OutputDebugStringW
CreateEventA
GetOEMCP
GetProcessHeap
LoadLibraryW
CreateFileA
TlsAlloc
WideCharToMultiByte
FreeLibrary
HeapDestroy
GetSystemTimeAsFileTime
SetLastError
LCMapStringA
GetVersionExA
FreeEnvironmentStringsA
InitializeCriticalSection
GetUserDefaultLCID
FormatMessageA
InterlockedDecrement
SetUnhandledExceptionFilter
GetStartupInfoA
GetACP
LCMapStringW
QueryPerformanceCounter
GetStartupInfoW
GetTimeZoneInformation
GetLocaleInfoA
GetTickCount
GetProcAddress
DebugBreak
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetModuleFileNameW
CompareStringW
IsValidCodePage
SetEnvironmentVariableA
GetConsoleOutputCP
FoldStringW
GetEnvironmentStrings
SetHandleCount
GetNumberFormatW
IsValidLocale
SetFilePointer
GetCurrentThreadId
GetConsoleMode
TlsGetValue
HeapValidate
GetConsoleCP
GetStringTypeW
HeapAlloc
LeaveCriticalSection
OpenMutexA
CompareStringA
FreeEnvironmentStringsW
InterlockedIncrement
CloseHandle
GetLocaleInfoW
HeapCreate
GetCurrentThread
ExitProcess
OutputDebugStringA
HeapReAlloc
WriteConsoleW
WriteFile
LoadLibraryA
MultiByteToWideChar
EnterCriticalSection
GetTimeFormatA
GetModuleFileNameA
SetConsoleCtrlHandler
GetCurrentProcess
FlushFileBuffers
TlsSetValue
ReadFile
GetCommandLineW
EnumSystemLocalesA
GetCurrentProcessId
IsBadReadPtr
GetStdHandle
DeleteCriticalSection
VirtualFree
GetLastError

comctl32

InitCommonControlsEx

Sections

.text
Size: 462KB - Virtual size: 462KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26d9944ba77d3911361f5d35adb7e2c4

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 462KB - Virtual size: 462KB

.rdata Size: 78KB - Virtual size: 98KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 462KB - Virtual size: 462KB

.rdata
Size: 78KB - Virtual size: 98KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 19KB - Virtual size: 19KB