60e928fefd826ad86dedfd8ca0b9dc30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60e928fefd826ad86dedfd8ca0b9dc30_JaffaCakes118
Size

519KB
MD5

60e928fefd826ad86dedfd8ca0b9dc30
SHA1

05ddb4cdc009454ee2ae8bde3542d30a87428912
SHA256

5f74344e383f240bac17dd79926f5b91763bec7f4e706b7fd28413d40f745ac4
SHA512

7e6a05d956ad1904e0bfb1ccc3b3e181eb768ca726da241c48a65e3d957af40fa369d05e15012de1212918ba36c59d11db6a2d55e61a2e0e7eb02e86df04188c
SSDEEP

12288:LLKN1iWK4lOUsqQC+BUroygPJSHK9kBR+i:H01lK4vnRCfkBgi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60e928fefd826ad86dedfd8ca0b9dc30_JaffaCakes118

Files

60e928fefd826ad86dedfd8ca0b9dc30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18660863ef7af5194dfc8bd0e82079ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shell32

SHGetSettings
SHChangeNotify

user32

CreateWindowExW
TranslateMDISysAccel
HideCaret
SetUserObjectSecurity
LoadMenuW
CallMsgFilterW
ShowCaret
UnhookWindowsHook
OpenWindowStationA
ChangeMenuW
CloseClipboard
EnumClipboardFormats
ChangeClipboardChain
RegisterClassA
MapVirtualKeyExA
GetClipCursor
DdeGetLastError
SendIMEMessageExA
RegisterClassExA
MessageBeep
GetGUIThreadInfo

kernel32

DeleteCriticalSection
GetVersion
WriteFile
ReadFile
EnterCriticalSection
GetCurrentProcessId
FlushFileBuffers
SetLastError
OpenMutexA
GetTickCount
RtlUnwind
HeapDestroy
OpenSemaphoreW
GetCurrentThread
QueryPerformanceCounter
SetHandleCount
GetCommandLineW
GetWindowsDirectoryA
VirtualAlloc
HeapCreate
GetPrivateProfileIntW
GetModuleFileNameW
CompareStringA
GetTimeZoneInformation
HeapReAlloc
Sleep
SetEnvironmentVariableA
GetModuleHandleA
CompareStringW
GetProcAddress
InterlockedDecrement
SetConsoleCursorPosition
CreateMutexA
IsBadWritePtr
GetEnvironmentStringsW
LocalHandle
EnumDateFormatsA
GetStringTypeA
RtlMoveMemory
GetDateFormatA
GetCPInfo
GetStartupInfoW
TlsGetValue
LocalSize
GetFileType
FreeEnvironmentStringsA
CreateRemoteThread
InterlockedIncrement
GetLocalTime
GetSystemTime
GetLastError
GetStdHandle
InitializeCriticalSection
UnhandledExceptionFilter
HeapAlloc
GetStartupInfoA
SetStdHandle
GetModuleFileNameA
ResetEvent
GetCurrentThreadId
LCMapStringA
GetStringTypeW
FileTimeToDosDateTime
GetEnvironmentStrings
lstrcmp
VirtualQuery
LoadLibraryA
SetFilePointer
GetSystemTimeAsFileTime
GetProfileSectionW
FreeEnvironmentStringsW
VirtualFree
InterlockedExchange
TlsFree
CloseHandle
TerminateProcess
LCMapStringW
TlsSetValue
GetCurrentProcess
GetCommandLineA
MultiByteToWideChar
ExitProcess
LeaveCriticalSection
TlsAlloc
HeapFree
WideCharToMultiByte

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18660863ef7af5194dfc8bd0e82079ac

Headers

File Characteristics

Imports

comctl32

shell32

user32

kernel32

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 4KB - Virtual size: 21KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 4KB - Virtual size: 21KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 4KB - Virtual size: 3KB