6034fe104ee95590bc7b858fc09c04ba_JaffaCakes118

General

Target

6034fe104ee95590bc7b858fc09c04ba_JaffaCakes118
Size

3.7MB
MD5

6034fe104ee95590bc7b858fc09c04ba
SHA1

bcdcab6b278ea6e474758bc55be296e003694ebb
SHA256

51adeaf99b2287c9df1f534c8f7bfe2d16ef65297927fca51c658ec06fad53b4
SHA512

a4ac7d38cf075cd20ad3c9268ac6e6ebc5560d774707bec2c2111566b806ae4e2c5149e881f1c5d20196e71f313a6a4b231fcb9eb6a6781a927bc0e3137c61e4
SSDEEP

98304:aem1kqyL3mvuYRP5TnzwgOxZZaRjTmlStQfkVlMW:rO9YmvdfOyu1AT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6034fe104ee95590bc7b858fc09c04ba_JaffaCakes118

Files

6034fe104ee95590bc7b858fc09c04ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6982f892c787eed976377b365d003f38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleIsRunning
RevokeDragDrop

user32

GetKeyboardState
TranslateMessage
GetIconInfo
SetScrollRange
GetKeyNameTextA
DefFrameProcA
EndMenu
InsertMenuItemA
LoadMenuIndirectA
GetClipCursor
FlashWindow
SetCaretPos
GrayStringW
GetActiveWindow
SetScrollInfo
GetKeyboardLayoutNameW
EndDialog
SetMenuItemInfoW
SetUserObjectInformationW
GetMenu
AppendMenuW
ExitWindowsEx
EnumDisplaySettingsW
RegisterHotKey
DrawIcon
GetClipboardOwner
MapDialogRect
DeleteMenu
MapWindowPoints
DefMDIChildProcW

kernel32

GlobalReAlloc
TryEnterCriticalSection
CloseHandle
SetConsoleCursorPosition
GetVolumeInformationW
GetConsoleCursorInfo
ScrollConsoleScreenBufferA
ExitProcess
FreeLibraryAndExitThread
GlobalFindAtomA
SetErrorMode
AreFileApisANSI
ExpandEnvironmentStringsW
GetTempFileNameA
GetProcessHeap
SetConsoleOutputCP
LocalSize
GetProfileStringA
TlsGetValue
GetFileAttributesExA
PurgeComm
GlobalAddAtomW
ConnectNamedPipe
DosDateTimeToFileTime
LoadResource
GetPrivateProfileSectionW
GetEnvironmentStringsW
MoveFileW
WritePrivateProfileSectionA
SetVolumeLabelA
OutputDebugStringA
SetProcessShutdownParameters
SetMailslotInfo
CompareStringA

msvcrt

_getche
wcscspn
towupper
gmtime
wcsncmp
_wspawnv
_vsnprintf

Sections

.text
Size: 6KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6982f892c787eed976377b365d003f38

Headers

File Characteristics

Imports

ole32

user32

kernel32

msvcrt

Sections

.text Size: 6KB - Virtual size: 224KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 6KB - Virtual size: 224KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 19KB - Virtual size: 18KB