06c120ac745190f9f23f5ec07f559484_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06c120ac745190f9f23f5ec07f559484_JaffaCakes118
Size

531KB
MD5

06c120ac745190f9f23f5ec07f559484
SHA1

3e43992eda0fd11c6f1576e7ea996038fc40a5b5
SHA256

c89edadf73e14c34de822dcced72433626b82c8baf18fb81529b46723eb330de
SHA512

2aa39ef7067519e4a013ee474194c70b77cbb1e638eef32ede2c2a3dc19ea427a5f0bcd856e29ce82f714098e6bb81602d8c9c3d4b1bad020f3dee1a264d67bc
SSDEEP

12288:HM+rbrqK/4Ay0EpUAmM9IcE+DGZ/hW4uEQlNUwr76MJ2zW:7brqK/4Ay0EpSM9xyvWrEQlNUwX2z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06c120ac745190f9f23f5ec07f559484_JaffaCakes118

Files

06c120ac745190f9f23f5ec07f559484_JaffaCakes118
.exe windows:4 windows x86 arch:x86

258c0d6005f7290d52e0de8e102c8a72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

SetEnvironmentVariableA
GetStringTypeW
TlsSetValue
GetProcAddress
InitializeCriticalSection
GetCurrentThreadId
GetCPInfo
GetDateFormatA
GetProcessShutdownParameters
LCMapStringW
LocalFileTimeToFileTime
SetLastError
GetStartupInfoW
HeapCreate
WriteFile
GetEnvironmentStrings
ReadFile
FlushFileBuffers
CreateProcessA
CloseHandle
CreateMutexA
GetLocaleInfoA
InterlockedExchange
GetLastError
LoadLibraryA
GetTimeZoneInformation
VirtualQuery
GetLocaleInfoW
VirtualProtect
GetModuleFileNameW
OpenMutexA
EnterCriticalSection
VirtualAlloc
GetVersionExA
TlsGetValue
GetModuleFileNameA
SetFilePointer
GetCommandLineA
GetTimeFormatA
CompareStringW
GetCurrentProcessId
GetStringTypeA
GetEnvironmentStringsW
UnhandledExceptionFilter
SetStdHandle
HeapSize
GetCommandLineW
TlsAlloc
GetFileType
EnumSystemLocalesA
GetACP
WideCharToMultiByte
GetStdHandle
GetUserDefaultLCID
TerminateProcess
GetCurrentProcess
TlsFree
IsBadWritePtr
SetHandleCount
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
VirtualFree
CompareStringA
ExitProcess
IsValidCodePage
GetTickCount
HeapReAlloc
DeleteCriticalSection
HeapFree
SetLocaleInfoW
LeaveCriticalSection
GetCurrentThread
GetModuleHandleA
FreeEnvironmentStringsA
LCMapStringA
IsValidLocale
HeapAlloc
QueryPerformanceCounter
GetStartupInfoA
GetOEMCP
HeapDestroy
GetSystemInfo
MultiByteToWideChar
RtlUnwind
lstrcpyn

user32

GetClassInfoA
RegisterClassA
DlgDirSelectExW
RegisterClassExA
LoadAcceleratorsA
ShowWindow
PeekMessageA
CreateDesktopA
CreateCaret
CallMsgFilterW
SetForegroundWindow
GetClassNameA
DdeFreeStringHandle
EnumDisplayDevicesW
GetClassLongW
EmptyClipboard
MessageBoxW
GetCaretPos
CreateWindowExW
DdeKeepStringHandle
IsWindow
CheckDlgButton
DrawCaption
GetWindowThreadProcessId

gdi32

EnableEUDC
EnumFontsA

comdlg32

GetFileTitleW

Sections

.text
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

258c0d6005f7290d52e0de8e102c8a72

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 324KB - Virtual size: 324KB

.rdata Size: 70KB - Virtual size: 100KB

.data Size: 115KB - Virtual size: 115KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 324KB - Virtual size: 324KB

.rdata
Size: 70KB - Virtual size: 100KB

.data
Size: 115KB - Virtual size: 115KB

.rsrc
Size: 20KB - Virtual size: 19KB