6261ac48be1d4df6cfe8c6de6fd9e06e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6261ac48be1d4df6cfe8c6de6fd9e06e_JaffaCakes118
Size

496KB
MD5

6261ac48be1d4df6cfe8c6de6fd9e06e
SHA1

b9fb4b3ca5ddd40c07ce40c7d69a64b793315d78
SHA256

b4ba0b89e36bfa4fabaaedb3faf559ecb3284f922bd9208ed7f242653401d80d
SHA512

c213966984aa7d78dc4b89be30ec64c84a717ada8af2e1ff1aa25872907f91b22c80fdba1c97e5870a6092191a2bd6c54d5bda2435bc9acee906a36419db40a5
SSDEEP

12288:mqkcNG5opWB0cPvxqCaQdcvEmQz9f1Nl7ixyR6eZ:mqkcdWG1CNcjAf1DdR6e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6261ac48be1d4df6cfe8c6de6fd9e06e_JaffaCakes118

Files

6261ac48be1d4df6cfe8c6de6fd9e06e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4da30b35e0d54740ee9df78320916f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocStringLen
SysFreeString

gdi32

GetStockObject
DeleteDC
DeleteObject
SelectObject
SetTextColor

user32

IsWindow
GetDC
GetCursorPos
UnregisterClassA
ClientToScreen
GetActiveWindow
GetKeyState
DestroyWindow
GetMessageA
GetParent
UpdateWindow
DefWindowProcA
ShowWindow
EnableWindow
SetWindowPos
TranslateMessage
IsWindowEnabled
LoadStringA
RegisterClassA
GetWindowLongA
CreateWindowExA
DispatchMessageA
EndPaint
SetFocus
PeekMessageA
LoadBitmapA
GetSystemMetrics
GetWindowRect
SetCapture
ReleaseCapture
SetWindowLongA
SetWindowTextA
CheckMenuItem
GetSubMenu
SetTimer
GetDlgItem
ScreenToClient
LoadCursorA
TrackPopupMenu
SendMessageA
SetForegroundWindow
ReleaseDC
GetFocus
EndDialog
MessageBoxA
GetSysColor
PostMessageA
SetCursor
IsWindowVisible
InvalidateRect
wsprintfA
GetClientRect
PostQuitMessage
BeginPaint

kernel32

FormatMessageA
OutputDebugStringA
SetLastError
InterlockedDecrement
FindClose
IsDebuggerPresent
HeapAlloc
GetVersionExA
GetModuleFileNameA
LoadLibraryExA
GetPrivateProfileStringA
UnhandledExceptionFilter
LoadLibraryExW
GetModuleFileNameW
LoadResource
InitializeCriticalSection
TlsGetValue
CreateFileMappingA
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindFirstFileW
HeapDestroy
GetFileAttributesW
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetCurrentDirectoryA
GetConsoleMode
GetLocaleInfoA
LocalAlloc
ExpandEnvironmentStringsA
CreateFileA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
lstrcmpiA
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetExitCodeProcess
HeapReAlloc
GetStringTypeW
SetFileAttributesA
FreeLibrary
CompareStringA
GetOEMCP
GetFullPathNameA
VirtualAlloc
FindResourceA
SetConsoleCtrlHandler
Sleep
VirtualFree
HeapCreate
IsValidCodePage
CreateProcessA
SizeofResource
UnmapViewOfFile
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
FileTimeToLocalFileTime
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
GetLastError
InterlockedIncrement
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
WaitForMultipleObjects
DuplicateHandle
RemoveDirectoryA
FindNextFileA
MultiByteToWideChar
ResetEvent
lstrcpyA
GetCurrentThreadId
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
GetEnvironmentVariableA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
GetSystemTime
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
LeaveCriticalSection
GetVersion
SetEndOfFile
CreateEventW
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
LocalFree

advapi32

RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

msvcrt

_controlfp
_cexit
exit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_strcmpi

Sections

.text
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4da30b35e0d54740ee9df78320916f1

Headers

File Characteristics

Imports

oleaut32

gdi32

user32

kernel32

advapi32

msvcrt

Sections

.text Size: 295KB - Virtual size: 295KB

.rdata Size: 87KB - Virtual size: 86KB

.data Size: 110KB - Virtual size: 110KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 295KB - Virtual size: 295KB

.rdata
Size: 87KB - Virtual size: 86KB

.data
Size: 110KB - Virtual size: 110KB

.rsrc
Size: 2KB - Virtual size: 2KB