06c6586a26826954b423b4099f4d4612_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06c6586a26826954b423b4099f4d4612_JaffaCakes118
Size

623KB
MD5

06c6586a26826954b423b4099f4d4612
SHA1

66729cb04488e2ab8d6e4f43fbdb12320796b200
SHA256

e773e49163c8e43c97c6d6d6b5b1610036b80283d59ec1d90806d1e4f2bb6df1
SHA512

9dea52a203b306f199a6cf6e3101369112c345ccceaf8d133a38879bfc6e67e3f16797ea128749a48d8def2c9f97013060d91c9cad6030836a181a5afdc39d47
SSDEEP

12288:4Y49Vf39vgGjLBO0e8buF8/Qjd8QXeCdecbnlrGd59tg:4Y49pQ0eYuF8/Qjd8GeC/ZK5jg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06c6586a26826954b423b4099f4d4612_JaffaCakes118

Files

06c6586a26826954b423b4099f4d4612_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fff07394433578a00135121b43232ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendInput
wsprintfW
RegisterClassA
GetAsyncKeyState
OpenDesktopW
GetThreadDesktop
InternalGetWindowText
GetSystemMenu
IsCharUpperA
RegisterClassExA
ShowWindowAsync
SetWindowTextW
PostMessageA

shell32

SHGetFileInfoW
SHLoadInProc
RealShellExecuteA
DragQueryPoint
FreeIconList

comctl32

InitCommonControlsEx

kernel32

SetLastError
GlobalUnlock
VirtualQuery
GetTimeFormatA
GetEnvironmentStrings
GetConsoleMode
SystemTimeToTzSpecificLocalTime
HeapCreate
TerminateProcess
FlushFileBuffers
EnterCriticalSection
FindResourceExA
GetLocaleInfoA
LCMapStringW
CreateMutexA
GetACP
GetOEMCP
GetSystemDirectoryW
CompareStringW
GetUserDefaultLCID
InterlockedDecrement
CreateFileA
LoadLibraryA
GetConsoleCP
FreeLibrary
EnumSystemLocalesA
GetSystemTimeAsFileTime
ReadFile
InitializeCriticalSection
HeapSize
GetStringTypeW
GetCommandLineA
GetStartupInfoA
ExitProcess
GetTickCount
LeaveCriticalSection
GetConsoleOutputCP
GetStringTypeA
HeapFree
GetCurrentThreadId
TlsAlloc
WriteFile
IsValidLocale
VirtualAlloc
DeleteCriticalSection
GetModuleFileNameW
IsValidCodePage
GetModuleHandleA
GetStartupInfoW
RtlUnwind
LCMapStringA
GetCurrentProcessId
GetTimeZoneInformation
Sleep
WriteConsoleA
GetModuleFileNameA
HeapAlloc
MultiByteToWideChar
GetCommandLineW
GetCurrentThread
GetCurrentProcess
GetStdHandle
InterlockedExchange
CloseHandle
VirtualFree
FreeEnvironmentStringsW
SetHandleCount
WideCharToMultiByte
SetStdHandle
SetConsoleCtrlHandler
GetEnvironmentStringsW
SetUnhandledExceptionFilter
TlsGetValue
SetFilePointer
CompareStringA
SetEnvironmentVariableA
IsDebuggerPresent
GetVersionExA
GetProcAddress
WriteProfileSectionA
GetProcessHeap
GetCPInfo
HeapReAlloc
GetLastError
OpenMutexA
GetFileType
QueryPerformanceCounter
SetThreadIdealProcessor
GetDateFormatA
TlsSetValue
GetLocaleInfoW
HeapDestroy
UnhandledExceptionFilter
ReadConsoleW
FreeEnvironmentStringsA
TlsFree
WriteConsoleW
InterlockedIncrement

advapi32

CryptImportKey
CryptGenKey
CryptEnumProvidersA
LookupSecurityDescriptorPartsA
ReportEventA
RegOpenKeyExA
ReportEventW
CryptSetProviderA
RegReplaceKeyW
AbortSystemShutdownA
CryptGetUserKey
AbortSystemShutdownW
RegLoadKeyA
RegEnumKeyA
CreateServiceA
CryptSetProviderW

wininet

GetUrlCacheConfigInfoA
CreateUrlCacheContainerW
InternetErrorDlg

Sections

.text
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fff07394433578a00135121b43232ee

Headers

File Characteristics

Imports

user32

shell32

comctl32

kernel32

advapi32

wininet

Sections

.text Size: 278KB - Virtual size: 278KB

.rdata Size: 10KB - Virtual size: 41KB

.data Size: 321KB - Virtual size: 320KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 278KB - Virtual size: 278KB

.rdata
Size: 10KB - Virtual size: 41KB

.data
Size: 321KB - Virtual size: 320KB

.rsrc
Size: 13KB - Virtual size: 12KB