60afda31507fa06b2b25a6641b1c4fe0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60afda31507fa06b2b25a6641b1c4fe0_JaffaCakes118
Size

217KB
MD5

60afda31507fa06b2b25a6641b1c4fe0
SHA1

305b3a7e8d56abb0a43264918d4e8c3d1caf830a
SHA256

420f0210a8ab5ba3ba137f67eabf19efd866abb80dd6bf47f646b8b3ca792d9c
SHA512

feae1e10c8ea608f1539d4d82010747daea4c4212491f8b66c50a271469bc144e1799267a2cf9a4d72d2475b17e104e42da08d83a0347e33dcbdc7aee42d8ee5
SSDEEP

3072:q/guWlYvqIsb/sDrL5AGPphxinqaaBB5xdYEkHoFAsSWgVLOCybvNIX:WghYvZsoDH5DhxcyHziCngZOCUaX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60afda31507fa06b2b25a6641b1c4fe0_JaffaCakes118

Files

60afda31507fa06b2b25a6641b1c4fe0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2918150f915c6dddef807b056e3cd92e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetFileSize
DeleteFileA
MoveFileA
WriteFile
ResetEvent
Sleep
LoadLibraryA
GetProcAddress
GetModuleFileNameA
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapFree
lstrlenA
FindClose
CreateDirectoryA
RemoveDirectoryA
FormatMessageA
FindFirstFileA
ReadFile
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetEnvironmentVariableA
GetLogicalDriveStringsA
GetDriveTypeA
GetTempFileNameA
FindNextFileA
CreateProcessA
GetExitCodeProcess
GetVersion
SetFilePointer
MulDiv
GetCurrentThreadId
GetCurrentProcess
LockResource
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
GetDiskFreeSpaceA
GetModuleHandleA
FlushFileBuffers
lstrcmpiA
GetPrivateProfileStringA
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
lstrcpynA
LoadLibraryExA
MultiByteToWideChar
lstrlenW
CreateMutexA
GetFileAttributesA
SetFileAttributesA
CopyFileA
DebugBreak
HeapSize
HeapReAlloc
HeapDestroy
LocalAlloc
GetStartupInfoA
ExitProcess
GetCommandLineA
CreateFileA
FindResourceExA
lstrcmpA
LoadResource
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
VirtualProtect
SizeofResource
FindResourceA
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateEventA
SetEvent
GetExitCodeThread
WaitForSingleObject
GetLastError
CreateThread
CloseHandle
FreeLibrary
VirtualAlloc
GetSystemInfo
VirtualQuery
FlushInstructionCache
RtlUnwind

user32

EmptyClipboard
SetClipboardData
CreateDialogParamA
PostQuitMessage
GetPropA
DefWindowProcA
CallWindowProcA
GetSystemMetrics
LoadImageA
DialogBoxParamA
CloseClipboard
ModifyMenuA
GetSystemMenu
IsDialogMessageA
RedrawWindow
ShowWindow
CreateWindowExA
DestroyWindow
RemovePropA
SetPropA
IsWindow
PostMessageA
MessageBoxA
KillTimer
EnableWindow
SetTimer
OpenClipboard
ScreenToClient
EnableMenuItem
GetSubMenu
LoadMenuA
DestroyMenu
TrackPopupMenu
GetActiveWindow
LoadStringA
SetWindowLongA
SendMessageA
EndDialog
GetWindowLongA
GetWindow
SetFocus
InvalidateRect
LoadIconA
SystemParametersInfoA
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowTextA
GetDlgItem
UnregisterClassA
CharNextA
GetDesktopWindow
IsWindowVisible
wvsprintfA
SetWindowPos

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegCreateKeyExA

shell32

ShellExecuteA
ShellExecuteExA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA

ole32

CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA
PropertySheetA

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2918150f915c6dddef807b056e3cd92e

Headers

File Characteristics

Imports

version

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 34KB - Virtual size: 34KB