6ed691c72ad4aa3ea0fa2e062737f86c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6ed691c72ad4aa3ea0fa2e062737f86c_JaffaCakes118
Size

2.1MB
MD5

6ed691c72ad4aa3ea0fa2e062737f86c
SHA1

d50400520ffe2152a760843694ee2decd6200319
SHA256

ecc0977fd0f5d082c17d68efd5f293500f7fdff532fafd5f4a9a6cc6757ff75b
SHA512

5dee25d32a7833685f4cf3621b0adb309d3c20106e4f8b5722ac3c85a260a3a1c0f23c6ceb485338f8fd08eb7f241d82ecbd6cc20e55a5b964a95b8941e5d9a3
SSDEEP

24576:YBS1WE0eUN/EYaDFW22TYcqUN5zvSpcPhnmxwIBnidjc1:YBSkVdNE5DFiqUnKeJGwI4dy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ed691c72ad4aa3ea0fa2e062737f86c_JaffaCakes118

Files

6ed691c72ad4aa3ea0fa2e062737f86c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

432d4bbd11c9c389a345a461c5f25969

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetScrollPos
DrawAnimatedRects
GetClassInfoW
EnumDisplayMonitors
SystemParametersInfoW
DrawIconEx
DestroyIcon
DestroyCursor
GetClassNameW
InflateRect
SetRectEmpty
InvertRect
GetSysColor
MapWindowPoints
ClientToScreen
GetScrollPos
GetKeyboardLayoutList
DrawIcon
RemoveMenu
InsertMenuW
DestroyMenu
MsgWaitForMultipleObjects
SendInput
GetFocus
GetActiveWindow
SetFocus
CharLowerW
CheckDlgButton
IsZoomed
DeferWindowPos
IsWindow

winspool.drv

EnumPortsW
ReadPrinter

kernel32

LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
IsValidCodePage
IsDebuggerPresent
GetModuleHandleW
TlsFree
TlsSetValue
RtlUnwind
LocalFree
VirtualAlloc
HeapSize
InitializeCriticalSection
PulseEvent
GetFileSize
SetCommMask
FileTimeToDosDateTime
ExpandEnvironmentStringsW
OutputDebugStringW
FindResourceW
GetTempPathW
SetDefaultCommConfigW
GetACP
GetLocaleInfoW
GetConsoleWindow
GetStringTypeW
HeapAlloc
HeapReAlloc
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
GlobalLock
CreateFileW
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
TlsGetValue
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetStdHandle
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
ExitProcess
DecodePointer
GetCurrentThreadId
SetLastError
GetLastError
EncodePointer
IsProcessorFeaturePresent
RaiseException
GetCommandLineW

advapi32

OpenSCManagerW

comctl32

CreateStatusWindowW
ImageList_GetImageInfo
ImageList_Read
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_EndDrag
FlatSB_GetScrollInfo
ImageList_DrawIndirect
ImageList_Draw
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_SetImageCount
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_GetIcon
FlatSB_SetScrollPos

setupapi

SetupDiCreateDeviceInfoListExW
SetupGetLineCountW
SetupOpenFileQueue
SetupDiCreateDeviceInfoList
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW
SetupDiBuildDriverInfoList
SetupDiGetSelectedDriverW
SetupDiGetClassDevsExW
SetupDiCallClassInstaller
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyW
SetupDiSetDeviceInstallParamsW
SetupDiGetActualSectionToInstallW
CM_Get_Device_IDW
CM_Get_DevNode_Status
CM_Get_Parent
CM_Get_Parent_Ex
SetupFindFirstLineW

shlwapi

StrRChrW
StrStrIW
StrChrIW
StrToIntW
StrCmpIW
StrRetToStrW
SHStrDupW
PathFindNextComponentW
PathIsRelativeW
PathIsRootW
PathIsUNCW
PathIsURLW
PathRemoveBackslashW
PathRemoveExtensionW
SHCreateStreamOnFileEx
SHCreateStreamOnFileW
SHSetValueW
SHGetValueW
SHDeleteValueW
PathCreateFromUrlW
UrlEscapeW
StrCmpNW
PathStripToRootW

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 623KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2o9i
Size: 657KB - Virtual size: 657KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l9ty
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.at8ns
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

432d4bbd11c9c389a345a461c5f25969

Headers

File Characteristics

Imports

user32

winspool.drv

kernel32

advapi32

comctl32

setupapi

shlwapi

Sections

.text Size: 119KB - Virtual size: 119KB

.data Size: 623KB - Virtual size: 7.2MB

.idata Size: 5KB - Virtual size: 4KB

.xdata Size: 1024B - Virtual size: 724B

.2o9i Size: 657KB - Virtual size: 657KB

.l9ty Size: 317KB - Virtual size: 316KB

.at8ns Size: 46KB - Virtual size: 46KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 119KB - Virtual size: 119KB

.data
Size: 623KB - Virtual size: 7.2MB

.idata
Size: 5KB - Virtual size: 4KB

.xdata
Size: 1024B - Virtual size: 724B

.2o9i
Size: 657KB - Virtual size: 657KB

.l9ty
Size: 317KB - Virtual size: 316KB

.at8ns
Size: 46KB - Virtual size: 46KB

.rsrc
Size: 362KB - Virtual size: 362KB