61c6eaa137d9b43e22c4cce3b4caa552_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

61c6eaa137d9b43e22c4cce3b4caa552_JaffaCakes118
Size

1.2MB
MD5

61c6eaa137d9b43e22c4cce3b4caa552
SHA1

2523505f671ef30a33bf8b74462bdc7ddf043a83
SHA256

ebd089751a85cb3bfd68839ac22e4d4918be4459935a158440d6b03292cbd442
SHA512

bcbb4953932d3f276df1f73d8e1f848694256e40c3e1c7b4182a8d448b7067225f5b0a380a92dcf63e0b27f0892593635338d3339d206194b2aa16f5dc022791
SSDEEP

24576:P6naVNCt8qNB2K80t/9IcwEiK3LyGxoz9alKLIe:P/Zc9t/9IcPz3LybUhe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61c6eaa137d9b43e22c4cce3b4caa552_JaffaCakes118

Files

61c6eaa137d9b43e22c4cce3b4caa552_JaffaCakes118
.exe windows:4 windows x86 arch:x86

050734edbe64d4c39e2bc831a6308625

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

advapi32

ReportEventA
CryptExportKey
RegSaveKeyW
CryptSetKeyParam
CryptDuplicateKey
RegSetValueExW
RegEnumKeyA
LookupSecurityDescriptorPartsA
CryptHashSessionKey
RegReplaceKeyA
LookupAccountNameA
CryptEnumProviderTypesW
LookupAccountNameW
RegCreateKeyA
CryptGenRandom
CryptGetKeyParam
RegEnumKeyExA

kernel32

UnhandledExceptionFilter
GetFileType
GetOEMCP
FreeEnvironmentStringsA
TlsFree
GetUserDefaultLCID
GetACP
EnterCriticalSection
SetHandleCount
GetModuleFileNameA
GetCurrentProcessId
SetEnvironmentVariableA
GetStdHandle
OpenWaitableTimerA
WriteFile
GetTimeFormatA
GetLocaleInfoW
HeapDestroy
VirtualProtect
GetSystemDirectoryA
SetStdHandle
FreeEnvironmentStringsW
HeapSize
GetLocaleInfoA
DeleteCriticalSection
EnumCalendarInfoExA
RtlUnwind
GetVersionExA
GetStringTypeW
GetProcAddress
MultiByteToWideChar
TerminateProcess
TlsSetValue
OpenMutexA
LoadLibraryA
GetLastError
ExitProcess
HeapFree
LCMapStringW
VirtualQuery
GetEnvironmentStrings
CompareStringA
GetTimeZoneInformation
QueryPerformanceCounter
ReadFile
GetCurrentThread
VirtualAlloc
GetCurrentThreadId
GetStringTypeA
SetFilePointer
GetTickCount
GetStartupInfoA
CloseHandle
GetStartupInfoW
TlsAlloc
GetCurrentProcess
WideCharToMultiByte
HeapAlloc
CompareStringW
SetLastError
CreateMutexA
EnumSystemLocalesA
SetLocalTime
LeaveCriticalSection
HeapReAlloc
GetDateFormatA
GetSystemTimeAsFileTime
GetSystemInfo
HeapCreate
IsBadWritePtr
InitializeCriticalSection
GetCommandLineA
GetEnvironmentStringsW
IsValidLocale
GetModuleFileNameW
InterlockedExchange
GetModuleHandleA
GetCommandLineW
FlushFileBuffers
VirtualFree
TlsGetValue
LCMapStringA
GetCPInfo
IsValidCodePage

shell32

ExtractIconExW
ShellExecuteW
DragQueryFileW
ExtractAssociatedIconW
SHFileOperationW

comdlg32

ChooseColorW
GetOpenFileNameW
LoadAlterBitmap
ChooseColorA

user32

BeginDeferWindowPos
RegisterClassExA
DdeCreateStringHandleW
SetSystemCursor
DdePostAdvise
ShowWindow
MapDialogRect
CreateWindowExA
InvalidateRect
RegisterClassA
GetMenuBarInfo
MessageBoxW
GetWindowTextA
MessageBoxExW

gdi32

EqualRgn
AbortDoc
SetTextCharacterExtra
SetDIBitsToDevice
GetPixelFormat
ExtCreatePen
CreateRectRgn
CheckColorsInGamut
DeleteDC
CreateDCA
GetDeviceCaps
Ellipse
GetBkColor
ExtSelectClipRgn
DPtoLP
SelectObject
SetTextAlign

Sections

.text
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 808KB - Virtual size: 806KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

050734edbe64d4c39e2bc831a6308625

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

shell32

comdlg32

user32

gdi32

Sections

.text Size: 395KB - Virtual size: 395KB

.rdata Size: 15KB - Virtual size: 29KB

.data Size: 808KB - Virtual size: 806KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 395KB - Virtual size: 395KB

.rdata
Size: 15KB - Virtual size: 29KB

.data
Size: 808KB - Virtual size: 806KB

.rsrc
Size: 15KB - Virtual size: 15KB