006d470858c609c9e93d90a80af01e89_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

006d470858c609c9e93d90a80af01e89_JaffaCakes118
Size

131KB
MD5

006d470858c609c9e93d90a80af01e89
SHA1

6667fd0c51fe78f5f62225d4d13097c4fa753bf4
SHA256

6963ac05b3c095171fed21c9ea29e1dd9c6d44632b1654f5601f6d8bd86a52f2
SHA512

568ba262b44a69d0b92016281de5d30b593498434e7baf5c3bf8eb1f240fe2fa63bb2693b5454033ba26c8efb097d3ab43afc2a406a4da3c233c27969fd1dd1d
SSDEEP

3072:F/KOeZkMcvJqD4XwZtKUqq0deBu0SpeiFBh6/:VVeWtItK00d9rh6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
006d470858c609c9e93d90a80af01e89_JaffaCakes118

Files

006d470858c609c9e93d90a80af01e89_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d76d7e27646968ac972247c1faebf8d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ChrCmpIW

ole32

ReadFmtUserTypeStg

kernel32

CreateEventW
SetEvent
GetCurrentProcess
WaitForMultipleObjects
ResetEvent
CloseHandle
GetVersion
LocalHandle
GetStringTypeW
GetNLSVersionEx
GetThreadUILanguage
GlobalFlags
GetEnvironmentStringsW
GetCommModemStatus
SetThreadLocale
GetCurrentThreadId
GetConsoleOutputCP
SetCommState

oleaut32

BSTR_UserFree
SafeArrayAllocDescriptor
VarUI4FromUI8

winmm

waveInStop

user32

GetClipboardSequenceNumber
GetShellWindow
IsWindowEnabled
CreatePopupMenu
DdeAbandonTransaction
CheckDlgButton
SetScrollInfo
CreateCaret
GetClipboardOwner
GetDCEx
GetWindowContextHelpId
GetInputState
SetPropA
InvalidateRect

winspool.drv

SetPrinterDataExW

gdi32

OffsetClipRgn
GetNearestColor
SetWindowExtEx
AddFontResourceExW

winscard

SCardGetStatusChangeW

setupapi

SetupDiGetSelectedDevice

advapi32

AddAuditAccessAceEx

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d76d7e27646968ac972247c1faebf8d8

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

ole32

kernel32

oleaut32

winmm

user32

winspool.drv

gdi32

winscard

setupapi

advapi32

Sections

.text Size: 14KB - Virtual size: 14KB

.text1 Size: 512B - Virtual size: 102B

.rdata Size: 81KB - Virtual size: 81KB

.data Size: 2KB - Virtual size: 5KB

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 512B - Virtual size: 336B

.text
Size: 14KB - Virtual size: 14KB

.text1
Size: 512B - Virtual size: 102B

.rdata
Size: 81KB - Virtual size: 81KB

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 512B - Virtual size: 336B