60b0842b9ef0a38ea236f1da7de3fb6b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60b0842b9ef0a38ea236f1da7de3fb6b_JaffaCakes118
Size

1.7MB
MD5

60b0842b9ef0a38ea236f1da7de3fb6b
SHA1

bdb81cee1abd40113ada1797dce2092f51cc5392
SHA256

edc8db7f440948a7d217bac00027ade02f3b3b5be78207a5b93203427e71c6e2
SHA512

96f49cb5861353a6e4df5b50889de5e6893931ad898f721fc5fae87eb1a24c852d86b7c57053bb6edbc61d3f05d72f16a7ad8d30b70ad80dd3d54712d4d22d57
SSDEEP

49152:yGDyTcUBQXrYNgXTrPFu0DZlM5hx96S7kNXw:y+ybe8NeFTvMeX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60b0842b9ef0a38ea236f1da7de3fb6b_JaffaCakes118

Files

60b0842b9ef0a38ea236f1da7de3fb6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d864ec26585f13a59c30edf3a5e86f0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA

gdi32

DeleteDC
TextOutA
SetTextColor
SetBkMode
GetStockObject
CreateDIBSection
IntersectClipRect
CreateCompatibleDC
CreateFontIndirectA
GetDeviceCaps
GetTextExtentPoint32A
SelectObject
GetTextMetricsA
GetObjectA
DeleteObject
CreateFontA

kernel32

CreateProcessA
TerminateProcess
WaitForSingleObject
CreateDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
CreateMutexA
GlobalAlloc
LoadLibraryA
LeaveCriticalSection
GetVersionExA
FindFirstFileA
DeleteFileA
CloseHandle
MultiByteToWideChar
EnterCriticalSection
GetCommandLineA
GetLastError
SetThreadPriority
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
GlobalFree
GetProcAddress
GlobalLock
GetCurrentThread
FreeLibrary
GlobalUnlock
FindClose
GetCurrentThreadId
OutputDebugStringA
InitializeCriticalSection
DeleteCriticalSection
MulDiv
VirtualQuery
IsBadWritePtr
SetErrorMode
GetThreadPriority
SetUnhandledExceptionFilter
GetCurrentProcess
VirtualProtect
InterlockedDecrement
FileTimeToSystemTime
GetSystemDirectoryA
CreateFileA
GetFileTime
InterlockedIncrement
Sleep
HeapSize
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
GetConsoleMode
GetConsoleCP
GetFileType
LockResource
GetStdHandle
WriteFile
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ReadFile
LCMapStringW
LCMapStringA
GetCPInfo
RaiseException
RtlUnwind
HeapReAlloc
GetFullPathNameA
GetDriveTypeA
GetLocalTime
GetSystemTimeAsFileTime
CreateThread
ResumeThread
ExitThread
GetStartupInfoA
GetProcessHeap
HeapAlloc
HeapFree
IsDebuggerPresent
UnhandledExceptionFilter
InterlockedExchange
FlushFileBuffers
WideCharToMultiByte
GetCurrentDirectoryA
SetCurrentDirectoryA
ExitProcess
GetTickCount
CreateFileMappingA
MapViewOfFile
GetCurrentProcessId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileW
SetEndOfFile
GetTimeZoneInformation
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
GetFileSize
RemoveDirectoryA

oleaut32

VariantClear

shell32

SHGetFolderPathA
ShellExecuteA

user32

CreateWindowExW
GetMessageA
GetSysColorBrush
SetTimer
GetClientRect
GetWindowPlacement
GetDlgItem
ScreenToClient
GetWindowRect
SetFocus
IsIconic
GetWindowLongA
SendMessageA
ChangeDisplaySettingsA
SetWindowTextA
SetForegroundWindow
GetWindowTextA
SetCursor
EnumDisplaySettingsA
ShowWindow
DefWindowProcA
DispatchMessageA
DrawTextExA
SetClipboardData
RegisterClipboardFormatA
DestroyCursor
AdjustWindowRect
TranslateMessage
DialogBoxIndirectParamA
SetCapture
OpenClipboard
BeginPaint
CloseClipboard
WindowFromPoint
SetWindowLongA
GetActiveWindow
MessageBoxW
RegisterClassA
EndPaint
EnumWindows
LoadCursorA
CreateCursor
CreateWindowExA
SystemParametersInfoA
LoadIconA
MessageBoxA
PeekMessageA
ReleaseCapture
ReleaseDC
ClientToScreen
MoveWindow
EmptyClipboard
GetCursorPos
GetSystemMetrics
IsWindowVisible
PostMessageA
DefWindowProcW
DestroyWindow
GetKeyboardLayout
FillRect
AdjustWindowRectEx
OffsetRect
GetWindowInfo
GetDC
EndDialog

winmm

mixerGetLineInfoA
timeBeginPeriod
PlaySound
mixerOpen
mixerGetLineControlsA
mixerClose
timeGetTime
mixerGetDevCapsA
mixerSetControlDetails
mixerGetControlDetailsA
timeEndPeriod

wsock32

WSAGetLastError
inet_addr
connect
gethostbyname
WSACleanup
recv
__WSAFDIsSet
socket
send
htons
closesocket
ioctlsocket
select
WSAStartup

ole32

CoInitialize

Sections

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 600KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.theta
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d864ec26585f13a59c30edf3a5e86f0c

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

oleaut32

shell32

user32

winmm

wsock32

ole32

Sections

.data Size: 1.1MB - Virtual size: 1.1MB

.text Size: 600KB - Virtual size: 600KB

.rsrc Size: 36KB - Virtual size: 36KB

.theta Size: 8KB - Virtual size: 8KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 600KB - Virtual size: 600KB

.rsrc
Size: 36KB - Virtual size: 36KB

.theta
Size: 8KB - Virtual size: 8KB