6105a7d53b6738b341c088207b348f91_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6105a7d53b6738b341c088207b348f91_JaffaCakes118
Size

204KB
MD5

6105a7d53b6738b341c088207b348f91
SHA1

ddd87a4332be654576324f11edaf1db9fbbe4388
SHA256

32fd6635ec827fd516ccee27286f6af0ab1dcbd8cdd4344f9befb6872e1585a1
SHA512

cd687ea6883d3f2bd7f1367a71ec2eb71140b51833378d1d083544379ada9cf7b5e715c7375dc9086d04ae55ed60aab8aecabd810f12b9d86fb0a5f905924572
SSDEEP

3072:NcHxzcOaRSqHjWExEbTywK9fkCuEsO2vND3lcj0Nn8CIaXxmVpQ4xM1jD:mHSSq6uuO9fIEyNDyjR/awp3xM1P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6105a7d53b6738b341c088207b348f91_JaffaCakes118

Files

6105a7d53b6738b341c088207b348f91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2769887733b2a0edee1d59bd688797b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetDateFormatA
GetDiskFreeSpaceW
OpenSemaphoreW
lstrcatA
GetThreadLocale
GetProcAddress
OpenWaitableTimerA
GetPriorityClass
GlobalGetAtomNameA

user32

GetClassLongW
CreateDialogParamW
EndMenu
CheckMenuItem
GetMenuItemInfoA
GetKeyboardType
InsertMenuItemW
wvsprintfW
GetClassInfoA
PeekMessageA
GetDlgItemInt
RemoveMenu
wsprintfW
SetWindowRgn
CharPrevW
CopyIcon
SetTimer
CreateIcon
OpenClipboard
GetWindowLongA
UpdateWindow
GetMessageA
GetMenuStringA
GetIconInfo
CreateWindowExA
EmptyClipboard
WinHelpW
ChildWindowFromPoint
DialogBoxIndirectParamA
GetClassLongA
DefDlgProcA
GetDC
FindWindowA
CascadeWindows

gdi32

PlayMetaFile
ColorMatchToTarget
SetLayout
SetWorldTransform
UnrealizeObject
GetGlyphIndicesW
DeleteColorSpace
CopyEnhMetaFileW
IntersectClipRect
SetWinMetaFileBits
RemoveFontMemResourceEx
SetMapMode
GetPath
RealizePalette
GetDeviceCaps

advapi32

RegQueryInfoKeyW
RegReplaceKeyA
RegOpenKeyW
RegCreateKeyExA
RegRestoreKeyA
RegSaveKeyW

shlwapi

UrlGetLocationA
SHRegEnumUSValueA
PathRenameExtensionA
SHOpenRegStreamW
PathIsNetworkPathW
PathIsLFNFileSpecW
StrFormatKBSizeW

oleaut32

VarDateFromR4

ws2_32

getprotobynumber
gethostbyaddr
WSARecvDisconnect
sendto
send
getservbyport

urlmon

CreateAsyncBindCtxEx
URLDownloadToFileW
SetSoftwareUpdateAdvertisementState
RegisterMediaTypes
ZonesReInit
PrivateCoInstall
DllCanUnloadNow
HlinkNavigateMoniker
HlinkGoForward
CreateURLMoniker
CoInternetGetSecurityUrl
IsLoggingEnabledW
MkParseDisplayNameEx
CreateAsyncBindCtx
CDLGetLongPathNameA

oledlg

OleUIInsertObjectW
OleUIChangeIconA
OleUIConvertW
OleUIChangeIconW
OleUIConvertA
OleUIObjectPropertiesW
OleUIInsertObjectA
OleUIChangeSourceW
OleUIChangeSourceA

wsock32

htonl
GetAddressByNameW
WSAIsBlocking
GetAcceptExSockaddrs
GetAddressByNameA
SetServiceA
EnumProtocolsW
WSAAsyncGetHostByAddr
rresvport
accept

Sections

.nk
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gP
Size: 1KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RQEe
Size: 3KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CId
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r
Size: 4KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bq
Size: 3KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 754B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2769887733b2a0edee1d59bd688797b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

oleaut32

ws2_32

urlmon

oledlg

wsock32

Sections

.nk Size: 12KB - Virtual size: 12KB

.gP Size: 1KB - Virtual size: 317KB

.RQEe Size: 3KB - Virtual size: 268KB

.CId Size: 3KB - Virtual size: 12KB

.data Size: 101KB - Virtual size: 396KB

.r Size: 4KB - Virtual size: 368KB

.bq Size: 3KB - Virtual size: 21KB

.rsrc Size: 73KB - Virtual size: 72KB

.reloc Size: 1024B - Virtual size: 754B

.nk
Size: 12KB - Virtual size: 12KB

.gP
Size: 1KB - Virtual size: 317KB

.RQEe
Size: 3KB - Virtual size: 268KB

.CId
Size: 3KB - Virtual size: 12KB

.data
Size: 101KB - Virtual size: 396KB

.r
Size: 4KB - Virtual size: 368KB

.bq
Size: 3KB - Virtual size: 21KB

.rsrc
Size: 73KB - Virtual size: 72KB

.reloc
Size: 1024B - Virtual size: 754B