6edb21f557456debb935271882eaf43a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6edb21f557456debb935271882eaf43a_JaffaCakes118
Size

540KB
MD5

6edb21f557456debb935271882eaf43a
SHA1

0857d2e675c1dd3cc7615e89e0af0d07d05aaf29
SHA256

6c0e021da9adc2d96e6cc097a1cd7797308feb5dcff63fce99080674b872f5ea
SHA512

adbb494c2f097b809e8500d6fa87a4dc9f893ae0663f234528500f5ae9466200f2aa2f138fb1d037f7ac2cb6352c841ef8cb325d54acf625366e774d19d30315
SSDEEP

12288:+fSMB/EYA6RovcirhEKwI4sqiYXDg+S8kKJ2cybQ5N+:oOHZtwI4XNjscyIN+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/Propuesta-estrategia 29-04-2019.exe

Files

6edb21f557456debb935271882eaf43a_JaffaCakes118
.zip
Propuesta-estrategia 29-04-2019.zip
.zip
Propuesta-estrategia 29-04-2019.exe
.exe windows:6 windows x86 arch:x86

893cc00c8ea3ebd1d231a1bcfe000403

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Module32NextW
VirtualQueryEx
GetSystemInfo
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetFullPathNameW
GetFullPathNameA
FormatMessageW
GetTempPathW
LockFileEx
LoadLibraryW
DeleteFileW
GetFileAttributesW
DeleteFileA
GetFileAttributesA
LockFile
UnlockFile
GetFileSize
SetFilePointer
InterlockedCompareExchange
InitializeCriticalSection
SetEnvironmentVariableA
SetEndOfFile
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
FreeLibrary
GetTimeZoneInformation
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetFileType
GetTickCount
GetProcessHeap
WriteFile
GetStdHandle
HeapSize
AreFileApisANSI
GetModuleHandleExW
Module32FirstW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
IsProcessorFeaturePresent
GetModuleHandleW
GetStartupInfoW
TlsFree
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetTempFileNameA
GetTempPathA
GetModuleHandleA
CloseHandle
OpenProcess
SetConsoleCtrlHandler
GetVersionExA
QueryPerformanceCounter
GetAtomNameW
FindResourceA
GetModuleFileNameW
LoadLibraryA
CreateEventA
lstrlenA
lstrcpyA
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
GetSystemTime
SizeofResource
LoadResource
Sleep
WaitForMultipleObjects
WaitForSingleObject
GetLastError
LockResource
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetCommandLineW
HeapFree
RtlUnwind
RaiseException
HeapAlloc
GetStringTypeW
GetCurrentThreadId
MultiByteToWideChar
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetCurrentProcessId
GetCurrentProcess
ExitProcess
FormatMessageA
VirtualAlloc
LocalFree
GetProcAddress
IsDebuggerPresent
CreateFileA

user32

CheckMenuRadioItem
SendMessageA
DefWindowProcA
PostQuitMessage
CallWindowProcA
RegisterClassA
CreateWindowExA
ShowWindow
GetDlgItem
GetDialogBaseUnits
SetFocus
GetFocus
GetKeyState
GetSystemMetrics
GetSystemMenu
GetMenuItemInfoA
SetActiveWindow
GetForegroundWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
LoadIconW
GetWindowLongW
GetWindowTextW
InvalidateRect
SendMessageW
GetIconInfo
DrawIconEx
DestroyIcon
LoadIconA
LoadBitmapA
SetWindowTextW
GetWindowThreadProcessId
FindWindowA
GetParent
GetWindowLongA
PtInRect
OffsetRect
SetRect
FillRect
GetSysColor
GetCursorPos
SetWindowContextHelpId
GetClientRect
GetWindowTextA
SetWindowTextA
GetPropW

gdi32

LineTo
SetBrushOrgEx
SetViewportExtEx
ExtTextOutA
MoveToEx
GetObjectA
SetBkColor
SelectObject
Rectangle
PatBlt
BitBlt
GetStockObject
GetCurrentObject
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreatePatternBrush
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

ole32

CreateItemMoniker
GetRunningObjectTable
OleInitialize
CoInitialize
StgCreateDocfile
CoCreateInstance
CoLockObjectExternal

oleaut32

OleTranslateColor

ws2_32

WSAStartup

psapi

GetMappedFileNameW

msi

ord50

avifil32

AVIStreamGetFrameOpen

msacm32

acmStreamUnprepareHeader
acmStreamClose

winmm

mmioOpenA

shlwapi

StrFromTimeIntervalA

comctl32

InitCommonControlsEx

rpcrt4

UuidHash
UuidIsNil

imm32

ImmGetDefaultIMEWnd

setupapi

CM_Get_Global_State
CM_Get_Device_Interface_AliasW
CM_Get_Device_Interface_ListW

uxtheme

GetThemeInt

urlmon

HlinkSimpleNavigateToString

authz

AuthzInitializeResourceManager

ntdsapi

DsWriteAccountSpnA

Exports

Exports

Pi

Sections

.text
Size: 399KB - Virtual size: 398KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

893cc00c8ea3ebd1d231a1bcfe000403

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

ws2_32

psapi

msi

avifil32

msacm32

winmm

shlwapi

comctl32

rpcrt4

imm32

setupapi

uxtheme

urlmon

authz

ntdsapi

Exports

Exports

Sections

.text Size: 399KB - Virtual size: 398KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 9KB - Virtual size: 22KB

.rsrc Size: 298KB - Virtual size: 297KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 399KB - Virtual size: 398KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 9KB - Virtual size: 22KB

.rsrc
Size: 298KB - Virtual size: 297KB

.reloc
Size: 15KB - Virtual size: 15KB