6ad4d65cfd5aa3948da347ed1418e131_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6ad4d65cfd5aa3948da347ed1418e131_JaffaCakes118
Size

2.0MB
MD5

6ad4d65cfd5aa3948da347ed1418e131
SHA1

d31f2b2bacea0668a4c833ffe84059116c54d2e8
SHA256

09e8705b7e996516c57dfdfaeb1a7f8f7a12c908c2e3098c4205382398e05cc7
SHA512

af78ef219477f5b6e0c462f351c5d89ea1986addfb7a297e8d1add9bea6676815d0711b64a38eb5bdbc6cfad6975f16f8a2a86a39a70191136f81f37c2369453
SSDEEP

24576:G0YO+hp5Eh3FQYad1yokTVknx99qhAjssEuGiZ43oA:G0OhQh3nad1WVi58uGimoA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ad4d65cfd5aa3948da347ed1418e131_JaffaCakes118

Files

6ad4d65cfd5aa3948da347ed1418e131_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dc78a44bbcee7fc8d6b256d1e27dd30d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
CreateWindowExW
ShowWindow
UpdateLayeredWindow
DeferWindowPos
GetMonitorInfoW
SetWindowLongW
CopyRect
GetCursorPos
SetCursor
ShowCursor
RedrawWindow
InvalidateRect
RegisterWindowMessageW
DrawIcon
SetMenuDefaultItem
GetMenuItemCount
GetSubMenu
EnableMenuItem
LoadMenuW
MsgWaitForMultipleObjects
SetFocus
CharUpperW

wintrust

CryptCATCatalogInfoFromContext
CryptCATAdminReleaseContext

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
OpenSCManagerW
RegEnumValueW

winspool.drv

AddMonitorW

kernel32

GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
LCMapStringW
FreeEnvironmentStringsW
GetProcessId
GetLastError
IsDebuggerPresent
SetHandleCount
GetFileType
SetCommState
SystemTimeToFileTime
FileTimeToSystemTime
CreateFileMappingW
OpenFileMappingW
GetStartupInfoW
GetFullPathNameW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
BuildCommDCBAndTimeoutsW
GetVersionExW
GetACP
GetCPInfo
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW
GetBinaryTypeW
GetCommandLineW
RaiseException
EncodePointer
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
DeleteCriticalSection
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsValidCodePage
GetOEMCP

crypt32

CryptMsgGetParam
CryptMsgOpenToDecode
CryptFindOIDInfo
CertCreateCertificateContext
CryptDecodeObjectEx
CryptEncodeObject
CertFreeCRLContext
CertGetEnhancedKeyUsage
CryptExportPKCS8
CryptHashPublicKeyInfo
CryptDecodeObject
CryptStringToBinaryW

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 807KB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.6orj3
Size: 546KB - Virtual size: 546KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hbt65
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.luvs
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc78a44bbcee7fc8d6b256d1e27dd30d

Headers

File Characteristics

Imports

user32

wintrust

advapi32

winspool.drv

kernel32

crypt32

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 807KB - Virtual size: 7.4MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.6orj3 Size: 546KB - Virtual size: 546KB

.hbt65 Size: 298KB - Virtual size: 298KB

.luvs Size: 138KB - Virtual size: 137KB

.rsrc Size: 123KB - Virtual size: 122KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 807KB - Virtual size: 7.4MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.6orj3
Size: 546KB - Virtual size: 546KB

.hbt65
Size: 298KB - Virtual size: 298KB

.luvs
Size: 138KB - Virtual size: 137KB

.rsrc
Size: 123KB - Virtual size: 122KB