0069dc800c0efdf022587074308b0cce_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0069dc800c0efdf022587074308b0cce_JaffaCakes118
Size

252KB
MD5

0069dc800c0efdf022587074308b0cce
SHA1

35a9d2c383db603d4ee8b7221abeaaa3ed4eee08
SHA256

007ffc5618c59b3346e137ea76038cb9d8399d847a8c27c4ed5eb5cfd7118f4f
SHA512

6f315a375eb690ed3eaa05cc371d80dc3e57d0d32a538caf84b45ac6a24b2f701216ca87b458767d61af53da2742a26d531bdb50a41084484fea01f6212400e6
SSDEEP

6144:6MWclrWkWMAPaYvpv3CLcr4j/6xN/SZwe3fXroxt8XQr:dlrmPaUvCQgMN/SZ13fWt8X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0069dc800c0efdf022587074308b0cce_JaffaCakes118

Files

0069dc800c0efdf022587074308b0cce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8b64a8e95584b89dbc92b6af402fbda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
GetSystemTime
GetUserDefaultLCID
UnmapViewOfFile
CreateMutexA
ExpandEnvironmentStringsW
DuplicateHandle
ReadDirectoryChangesW
EnumResourceNamesA
GlobalFindAtomW
SetConsoleOutputCP
PulseEvent
lstrcpyA
GetNumberFormatW
ReleaseSemaphore
EnumSystemCodePagesW
QueryDosDeviceW
GetDateFormatA
GetCurrentProcessId
FillConsoleOutputCharacterA
GetAtomNameA
lstrcatW
CreateDirectoryA
VirtualFree
EnumResourceLanguagesW
FindCloseChangeNotification
SetSystemTime
GetStartupInfoA
GetVolumeInformationW
RaiseException
EraseTape
GetSystemDefaultLangID
GetHandleInformation
SetThreadAffinityMask
GetWindowsDirectoryA
FatalAppExitA
ReadFileScatter
LocalFileTimeToFileTime
OpenSemaphoreW
_hread
IsValidLocale
GetTickCount
lstrcmpA
FreeLibraryAndExitThread
GetThreadContext
GetTimeZoneInformation
LoadLibraryExW
SetCurrentDirectoryA
SetVolumeLabelA
GetBinaryTypeA
GlobalAddAtomA
SetProcessWorkingSetSize
SetupComm
ScrollConsoleScreenBufferA
_llseek
GetDiskFreeSpaceExA
LoadResource
SetConsoleWindowInfo
SetCommTimeouts
GetVersionExA
VirtualProtect
GetVersion
GetCommandLineW
FlushFileBuffers
LeaveCriticalSection
SuspendThread
FindNextChangeNotification
ExitThread
CreateProcessA
DeleteCriticalSection
GlobalReAlloc
GetConsoleCursorInfo
WriteConsoleOutputW
GetOverlappedResult
FindFirstFileA
GetTempPathW
AllocConsole
FileTimeToLocalFileTime
SetErrorMode
InitializeCriticalSection
GetDriveTypeA
GetShortPathNameA
LoadLibraryExA
RemoveDirectoryW
GetStringTypeExW
CreateEventA
WriteConsoleOutputCharacterA
WritePrivateProfileSectionA
EnumResourceNamesW
FreeResource
CreatePipe
LocalLock
FormatMessageW
SetFileAttributesA
GetSystemTimeAsFileTime
GetCommandLineA
VirtualAlloc
GetEnvironmentVariableW
ExitProcess

user32

EnumChildWindows
RegisterHotKey
SwitchToThisWindow
ArrangeIconicWindows
IsRectEmpty
MapWindowPoints
ChangeClipboardChain
GetWindowContextHelpId
GetFocus
EnumWindowStationsW
AppendMenuA
OemKeyScan
LoadIconW
EnumDisplaySettingsExA
GetSysColor
ValidateRgn
UnregisterClassW

gdi32

ResizePalette
CombineRgn
StartDocA
SetPixel
GetPolyFillMode
OffsetRgn
GetPixel
CreateHalftonePalette
GetFontLanguageInfo
SetBkMode

comdlg32

PageSetupDlgW
GetSaveFileNameA
CommDlgExtendedError

advapi32

ReportEventW
GetSecurityDescriptorGroup
RegLoadKeyA
CryptVerifySignatureA
SetServiceStatus
GetUserNameA
GetServiceDisplayNameA
LookupAccountNameA
CryptVerifySignatureW
RegSetValueW
LogonUserW
GetNamedSecurityInfoW
AddAce
LookupAccountSidW
CryptGetHashParam
RegisterServiceCtrlHandlerA
CryptSignHashW
RegSetValueExW
QueryServiceConfigA
RegSetValueA
CryptGetUserKey
GetSecurityDescriptorOwner
RevertToSelf
CryptDestroyKey

shell32

ExtractIconA
Shell_NotifyIconW

ole32

OleBuildVersion
CoCreateInstanceEx
OleGetIconOfClass
CoTreatAsClass
OleRegGetUserType
CoTaskMemRealloc

oleaut32

SysFreeString
VariantCopy
SysStringLen
QueryPathOfRegTypeLi
SafeArrayGetLBound

comctl32

ImageList_GetImageInfo

shlwapi

PathAddBackslashW
SHRegSetUSValueW
StrDupA
PathRemoveArgsW
PathStripPathW
SHCopyKeyA
SHSetValueA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8b64a8e95584b89dbc92b6af402fbda

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 232KB - Virtual size: 228KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 232KB - Virtual size: 228KB