5c6d2e06d9767c8b38b1cb88968023e3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5c6d2e06d9767c8b38b1cb88968023e3_JaffaCakes118
Size

326KB
MD5

5c6d2e06d9767c8b38b1cb88968023e3
SHA1

380a530a395972f7ea5f9647087325dc4623842f
SHA256

1b9818b2ff285d58b02050676d41fbf8dcc8d106b117a7dfba3d051fec59bb75
SHA512

669f7133c29c4df4e6d1fdd2104c8f2c1ed75911987e0e454cc360ba7f2efb00b90a2e1de93c541dd607d06c40dd2b5518d8c7a8b7c21d94904cd6a7c21253bc
SSDEEP

6144:Mu2ohVR22QVSdhAaAcOeUEPz6ZQTBDIwPCTJD6:Mu28l6ZQTdkFD6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c6d2e06d9767c8b38b1cb88968023e3_JaffaCakes118

Files

5c6d2e06d9767c8b38b1cb88968023e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

105cd4fe3aa8ef788b65adb91e2ecb3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strcmp
memcpy
_strnicmp
strncmp
strncpy
_strdup
free
sprintf
memmove
_stricmp
strlen
strcpy
strcat
memcmp
atoi
atof
fread
_setjmp3
gmtime
localtime
mktime
fmod
printf
fabs
ceil
malloc
floor
fclose
fopen
fseek
_snprintf
abort
_CIpow
__p__iob
fprintf
longjmp
strtod
sin
cos
abs

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
HeapFree
HeapAlloc
MultiByteToWideChar
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
Sleep
MulDiv
GetCurrentThreadId
GetCurrentProcessId
CloseHandle
InitializeCriticalSection
GetCommandLineA
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
CreateFileA
SetFilePointer
SetEndOfFile
WriteFile
GetFileSize
ReadFile
WideCharToMultiByte
GlobalLock
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
HeapReAlloc
SetLastError
GetDriveTypeA
FindFirstFileA
FindClose
GetFileAttributesA
CreateDirectoryA
GetLastError
FindNextFileA
DeleteFileA
MoveFileA
SetFileAttributesA
CopyFileA
GetCurrentDirectoryA
GetLocalTime
TlsAlloc
TlsSetValue

comctl32

InitCommonControls
InitCommonControlsEx
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon

user32

FindWindowA
PostMessageA
GetSysColor
EnumChildWindows
GetClassNameA
GetWindowTextA
DestroyIcon
ShowCursor
GetClipCursor
ClientToScreen
ClipCursor
GetDC
ReleaseDC
EnumDisplaySettingsA
GetSystemMetrics
GetCursorPos
CharLowerA
EnableWindow
DefWindowProcA
DestroyWindow
GetWindowLongA
GetWindowTextLengthA
UnregisterClassA
LoadCursorA
RegisterClassExA
IsWindowEnabled
CreateWindowExA
SetWindowLongA
SendMessageA
SetFocus
CreateAcceleratorTableA
SetForegroundWindow
BringWindowToTop
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
GetForegroundWindow
EnumWindows
SetMenu
DestroyMenu
CreatePopupMenu
AppendMenuA
TrackPopupMenu
GetClientRect
SetWindowPos
ShowWindow
InvalidateRect
CallWindowProcA
GetParent
GetWindowRect
ScreenToClient
GetUpdateRect
MapWindowPoints
GetWindow
IntersectRect
ValidateRect
GetSysColorBrush
SetWindowTextA
GetScrollPos
MoveWindow
SetScrollInfo
SetScrollPos
RedrawWindow
GetScrollRange
FillRect
GetIconInfo
UpdateWindow
ReleaseCapture
BeginPaint
DrawStateA
EndPaint
SetCapture
GetFocus
FrameRect
DrawFocusRect
PeekMessageA
RemovePropA
SetPropA
GetPropA
EnumPropsExA
SetActiveWindow
LoadIconA
RegisterClassA
AdjustWindowRectEx
GetActiveWindow
MsgWaitForMultipleObjects
GetMenu
IsZoomed
IsIconic
DefFrameProcA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
GetKeyState
IsChild
DrawIconEx
CopyImage
CreateIconFromResourceEx
CreateIconFromResource

gdi32

BitBlt
CreateDCA
GetDeviceCaps
DeleteDC
GetStockObject
SetBkMode
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateBrushIndirect
SetBkColor
SetTextColor
GetObjectType
GetObjectA
CreateRectRgn
SelectClipRgn
StretchBlt
CreateSolidBrush
CreateFontA
SetTextAlign
CreatePen
SetPixelV
Rectangle
RoundRect
Ellipse
SetROP2
SelectPalette
RealizePalette
GetDIBits
SetStretchBltMode
StretchDIBits
MoveToEx
TextOutA
CreateFontIndirectA
GetPixel
ExtFloodFill
LineTo
GetTextExtentPoint32A
GetTextMetricsA
CreateDIBSection
GdiSetBatchLimit
GdiGetBatchLimit
SetDIBits
SetBrushOrgEx
CreateBitmap
SetPixel

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseFontA

advapi32

GetUserNameA

oleaut32

SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantInit
DispGetParam
VariantClear

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
OleInitialize
RevokeDragDrop

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteExA

Sections

.code
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

105cd4fe3aa8ef788b65adb91e2ecb3c

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

comdlg32

advapi32

oleaut32

ole32

shell32

Sections

.code Size: 65KB - Virtual size: 65KB

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 22KB - Virtual size: 25KB

.rsrc Size: 32KB - Virtual size: 32KB

.code
Size: 65KB - Virtual size: 65KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 22KB - Virtual size: 25KB

.rsrc
Size: 32KB - Virtual size: 32KB