60b3aca2518f9b67ce5bd830f1ab5f76_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60b3aca2518f9b67ce5bd830f1ab5f76_JaffaCakes118
Size

169KB
MD5

60b3aca2518f9b67ce5bd830f1ab5f76
SHA1

6b057e0cffe66d8c407deb9d11111e4a02b5734d
SHA256

94ded79ff4ca85595137e543cf9706cf38b387c7a108049374867778d81a118d
SHA512

c4b418c7b021aed38249ad3194a11aeb9c513db1f4ba5af096f35e347ad0b8b3d483f597a5b5e41654a56af42ea4b0647cef1376da386e512ba604bf4e3e2fd3
SSDEEP

3072:0LWVXGru/KRekYhDGtBuQezCPhyi96j+xnqwyPkBrlyHhJP1zuda6h:4WMrSDGtZwzmnnycryBJduda6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60b3aca2518f9b67ce5bd830f1ab5f76_JaffaCakes118

Files

60b3aca2518f9b67ce5bd830f1ab5f76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f95b8e2d2640cf1ff84cd577a4ea4ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetOEMCP
LoadResource
IsDBCSLeadByte
GetFileType
GetLocaleInfoA
MultiByteToWideChar
GetSystemInfo
GetTickCount
GetSystemTimeAsFileTime
IsBadWritePtr
HeapReAlloc
SetHandleInformation
LCMapStringW
lstrcmpiA
IsBadReadPtr
MulDiv
FlushInstructionCache
GetProcessHeap
CloseHandle
SetStdHandle
RaiseException
HeapCreate
LCMapStringA
TerminateProcess
InitializeCriticalSection
GetModuleFileNameA
InterlockedExchange
TransmitCommChar
ExitProcess
FindResourceA
HeapDestroy
lstrlenA
VirtualProtect
SizeofResource
QueryPerformanceCounter
EnumResourceNamesW
RtlUnwind
VirtualFree
SetUnhandledExceptionFilter
lstrcpynA
UnhandledExceptionFilter
GetStdHandle
InterlockedDecrement
HeapAlloc
GetCurrentProcess
GetEnvironmentStringsW
TlsSetValue
LoadLibraryA
TlsGetValue
GetThreadLocale
FlushFileBuffers
WideCharToMultiByte
TlsFree
WriteFile
GetStringTypeW
GetCurrentProcessId
ExitProcess
LeaveCriticalSection
SetHandleCount
lstrcatA
GetStartupInfoA
GetCPInfo
LoadLibraryExA
lstrlenW
GetLastError
TlsAlloc
GetStringTypeA
SetFilePointer
HeapSize
GetCommandLineA
EnterCriticalSection
GetCurrentThreadId
FreeEnvironmentStringsW
SetLastError
GetVersionExA
LockResource
FreeEnvironmentStringsA
InterlockedIncrement
IsBadCodePtr
GetProcAddress
VirtualQuery
GetEnvironmentStrings
DeleteCriticalSection
lstrcpyA
FreeLibrary
VirtualAlloc
GetModuleHandleA
DisableThreadLibraryCalls
HeapFree

user32

CreateDialogParamA
SetWindowLongA
GetDialogBaseUnits
UnregisterClassA
IsWindow
DestroyWindow
IsDlgButtonChecked
GetDlgItem
GetDC
GetDlgItemTextA
IsDialogMessageA
ReleaseDC
ShowWindow
MoveWindow
SendMessageA
WinHelpA
SetDlgItemTextA
CheckDlgButton
EnableWindow
CharNextA

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathFindExtensionA

gdi32

GetDeviceCaps
SelectObject
DeleteObject
GetTextMetricsA
GetTextExtentPointA
CreateFontIndirectA

ole32

StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegQueryInfoKeyA

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f95b8e2d2640cf1ff84cd577a4ea4ee

Headers

File Characteristics

Imports

kernel32

user32

msimg32

shlwapi

gdi32

ole32

advapi32

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 37KB - Virtual size: 37KB

.crt Size: 512B - Virtual size: 60KB

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 37KB - Virtual size: 37KB

.crt
Size: 512B - Virtual size: 60KB