6050f2be35482ff40c1384ed3125e75d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6050f2be35482ff40c1384ed3125e75d_JaffaCakes118
Size

468KB
MD5

6050f2be35482ff40c1384ed3125e75d
SHA1

b56e9491b54a5dbfdd5127856463293675ffb9ac
SHA256

48822e9b6690d24064d84be2577603c8f8affe1208211a56952102db5e9b39cb
SHA512

d568cc50e7a3effc2e3155099eb4b560eb7f573c96be5a71b0e4fbce484c0c6049f59f41348c3915324e8ee2f031102a60565ecc6f59ea1f87add7194536a062
SSDEEP

6144:omnYvGhbZmAePTGjQf33Y/qctS2o2wclpUoFdtT1H2c840dMU4hBYJ:oBcNGPSjEYSv2plpFdtRW7khe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6050f2be35482ff40c1384ed3125e75d_JaffaCakes118

Files

6050f2be35482ff40c1384ed3125e75d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

768a351e79da5010b8f45121b5c3a083

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\uav.pdb

Imports

kernel32

GetOEMCP
SetPriorityClass
GetPrivateProfileStringA
GetACP
CreateFileA
Sleep
LCMapStringW
GetCurrentProcessId
OpenMutexA
SetStdHandle
GetTimeFormatW
GetProcessHeap
HeapReAlloc
GetSystemTimeAsFileTime
GetConsoleCursorInfo
TryEnterCriticalSection
GetStartupInfoA
GetModuleFileNameA
CompareStringA
VirtualFreeEx
lstrcmpiA
GetTimeZoneInformation
LCMapStringA
GetTickCount
SetConsoleTextAttribute
GetProcAddress
WritePrivateProfileSectionW
UnhandledExceptionFilter
CompareStringW
GetLocalTime
GetVersionExA
GetStringTypeW
CreateDirectoryExA
IsValidLocale
HeapFree
ReadConsoleInputA
GetCurrentThread
GetEnvironmentStrings
GetProcessAffinityMask
ReadFile
TerminateProcess
VirtualQuery
SetFileAttributesW
GetFileType
FlushFileBuffers
HeapAlloc
CreatePipe
SetConsoleCtrlHandler
GetCurrentProcess
TlsSetValue
HeapSize
WriteFile
WriteProfileSectionW
LeaveCriticalSection
FindNextFileW
GetModuleHandleA
WriteConsoleW
SetConsoleActiveScreenBuffer
VirtualAlloc
WriteConsoleA
CloseHandle
GetConsoleMode
SetCurrentDirectoryA
InitializeCriticalSection
GetStringTypeA
GetLocaleInfoW
GetProcessHeaps
GetConsoleCP
EnterCriticalSection
VirtualFree
WriteConsoleInputW
LoadLibraryA
GetUserDefaultLCID
GetLocaleInfoA
DeleteCriticalSection
GetCurrentThreadId
GlobalUnfix
SetCriticalSectionSpinCount
GetEnvironmentStringsW
EnumSystemLocalesA
SetUnhandledExceptionFilter
EnumCalendarInfoExA
GetConsoleOutputCP
GetLastError
MultiByteToWideChar
SetEnvironmentVariableA
GlobalAddAtomA
GetLongPathNameA
SetLastError
FreeEnvironmentStringsW
IsDebuggerPresent
RtlUnwind
GetCommandLineA
SetFilePointer
QueryPerformanceCounter
InterlockedDecrement
TlsAlloc
FreeEnvironmentStringsA
DeleteFileW
FreeLibrary
GetTimeFormatA
CreateThread
InterlockedExchange
GetStdHandle
IsValidCodePage
ExitProcess
WideCharToMultiByte
HeapDestroy
GetDateFormatA
GetCPInfo
InterlockedIncrement
HeapCreate
TlsGetValue
EnumTimeFormatsA
TlsFree
CreateMutexA
SetHandleCount

user32

DestroyWindow
GetWindowModuleFileNameA
LoadImageW
RegisterClassExA
SetWindowLongA
OpenWindowStationA
SendInput
CopyAcceleratorTableA
EnableScrollBar
ChangeDisplaySettingsExA
GetClipCursor
GetSubMenu
CreateWindowExA
DrawCaption
MessageBoxA
GetTabbedTextExtentA
PeekMessageA
CharUpperW
DlgDirSelectComboBoxExW
RegisterWindowMessageA
ScrollWindow
RegisterClassW
ShowWindow
IsCharAlphaW
DefWindowProcW
CharLowerBuffA
ShowWindowAsync
GetClientRect
GetClipboardFormatNameA
RegisterClassA
GetMonitorInfoA
GetMenuInfo
WINNLSGetIMEHotkey

comctl32

ImageList_AddIcon
CreatePropertySheetPageW
ImageList_DragLeave
DrawStatusTextA
CreateMappedBitmap
ImageList_Merge
ImageList_GetIcon
ImageList_DrawIndirect
ImageList_Destroy
ImageList_Add
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_Create
_TrackMouseEvent
ImageList_Copy
ImageList_LoadImage
ImageList_Read

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

768a351e79da5010b8f45121b5c3a083

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 100KB - Virtual size: 131KB

.rsrc Size: 72KB - Virtual size: 69KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 100KB - Virtual size: 131KB

.rsrc
Size: 72KB - Virtual size: 69KB