06fc66966d0d0456820323da912d8102_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06fc66966d0d0456820323da912d8102_JaffaCakes118
Size

432KB
MD5

06fc66966d0d0456820323da912d8102
SHA1

c7f425341fee28f5be0ffe60e7baf0216ebc3a3a
SHA256

bbdaf9a2cbe9ae99f478d996409d6c551c6d25794c439230e6247d08ea2092f5
SHA512

58a2e68ae81d8ddcd89437de237e4241c90ae9952142a21c26c628fce96ce554cae5dee535d1fefc29774f8bb8f0c89c8b095fcffdcb07e486e49eacb1600427
SSDEEP

12288:5jC9+uFPW1jcNnxtfvXUiFz+MK3WzWLSW3gyY6yUY2uZ:IbnidYeuZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06fc66966d0d0456820323da912d8102_JaffaCakes118

Files

06fc66966d0d0456820323da912d8102_JaffaCakes118
.exe windows:4 windows x86 arch:x86

889b10d2a36ae6851724aee7ca3093fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpEndRequestW
ReadUrlCacheEntryStream
FtpOpenFileW
InternetCheckConnectionA
InternetCombineUrlA
GopherGetLocatorTypeW
InternetConfirmZoneCrossingA
FindFirstUrlCacheEntryW

comdlg32

GetSaveFileNameW
LoadAlterBitmap
ReplaceTextW
PageSetupDlgW
FindTextA
ChooseColorW
PrintDlgA
GetOpenFileNameA
ReplaceTextA
PrintDlgW
GetFileTitleA
GetSaveFileNameA
ChooseColorA
ChooseFontA
FindTextW
GetFileTitleW
GetOpenFileNameW
PageSetupDlgA

gdi32

SetMapMode
GetEnhMetaFileHeader
GetCurrentObject
GetTextExtentPointW
CreatePen
SetDeviceGammaRamp
SetTextCharacterExtra
GetPaletteEntries
PtVisible

user32

SetScrollRange
GetClipboardOwner
SetMenuItemBitmaps
GetMenuStringW
GetGUIThreadInfo
LoadIconA
InsertMenuItemA
SetWindowTextA
SetProcessWindowStation
BroadcastSystemMessage

kernel32

LCMapStringA
SetConsoleCtrlHandler
SetEnvironmentVariableA
MultiByteToWideChar
InterlockedExchange
GetCurrentProcessId
GetProcAddress
IsValidLocale
HeapSize
CreateToolhelp32Snapshot
GetStartupInfoA
FormatMessageW
GetOEMCP
GetLastError
VirtualFree
InitializeCriticalSection
GetEnvironmentStrings
WideCharToMultiByte
GetVersionExA
SetLastError
LoadLibraryA
TlsAlloc
RtlUnwind
FreeEnvironmentStringsA
GetCurrentThread
LCMapStringW
Sleep
GetModuleFileNameA
CompareStringW
VirtualQuery
LeaveCriticalSection
SetFileAttributesW
GetACP
FreeLibrary
EnterCriticalSection
GetTimeZoneInformation
GetStringTypeW
TlsGetValue
InterlockedIncrement
GetUserDefaultLCID
GetCurrentThreadId
GetCommandLineA
ExitProcess
GetEnvironmentStringsW
GetStdHandle
VirtualQueryEx
HeapAlloc
WriteFile
GetCPInfo
GetTimeFormatA
GetLocaleInfoA
SetHandleCount
GetFileSize
GetLocaleInfoW
GetDateFormatA
EnumSystemLocalesA
GetStringTypeA
GetProcessHeap
HeapDestroy
GetTickCount
TlsSetValue
UnhandledExceptionFilter
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetModuleHandleA
EnumSystemCodePagesA
ContinueDebugEvent
TerminateProcess
GetConsoleCursorInfo
IsValidCodePage
MoveFileW
HeapReAlloc
VirtualAlloc
GetFileType
GetCurrentProcess
GetSystemTimeAsFileTime
HeapCreate
HeapFree
InterlockedDecrement
DeleteCriticalSection
QueryPerformanceCounter
CompareStringA
TlsFree
IsDebuggerPresent

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

889b10d2a36ae6851724aee7ca3093fa

Headers

File Characteristics

Imports

wininet

comdlg32

gdi32

user32

kernel32

Sections

.text Size: 144KB - Virtual size: 143KB

.data Size: 275KB - Virtual size: 307KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 144KB - Virtual size: 143KB

.data
Size: 275KB - Virtual size: 307KB

.rsrc
Size: 12KB - Virtual size: 11KB