63b661c71a2a53115b5861a39708df06_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

63b661c71a2a53115b5861a39708df06_JaffaCakes118
Size

440KB
MD5

63b661c71a2a53115b5861a39708df06
SHA1

1a97bdc1748d0d93e77142bccfc13bd4c732a2d8
SHA256

1c49f5a97c2c133d5ed49c69a7059dbd605a0b3f05b63ac502d04c97d66e9d7e
SHA512

452ea3d5f0f64fb510a16c117edf4d050110f843c5ad7b8395321338a647cdfe34beb9537ebbba7d8a4da6d0a6f1ef2fd07fb64f7dd2caadd24e2822abade66e
SSDEEP

6144:8Xe+H2YGkrJhzucb0TCmxQZOa+i4QHOOSRllmXe+6WB+uacRppLXHk:OOYGWJlucbenIkMJLk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63b661c71a2a53115b5861a39708df06_JaffaCakes118

Files

63b661c71a2a53115b5861a39708df06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39491e6fb8146eda33db39c326beb7fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
LocalFree
GetLastError
DuplicateHandle
GetCurrentProcess
OpenProcess
TerminateProcess
MultiByteToWideChar
lstrlenW
OpenMutexA
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
GetTickCount
CreateRemoteThread
GetModuleHandleA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
ResumeThread
HeapFree
HeapAlloc
GetCommandLineA
GetCommandLineW
GetLocalTime
LockResource
FreeResource
LoadResource
SizeofResource
FindResourceA
LoadLibraryExA
FindClose
FindNextFileA
FindFirstFileA
CreateToolhelp32Snapshot
Process32Next
Process32First
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
RaiseException
GetConsoleMode
GetConsoleCP
InitializeCriticalSection
DeleteFileA
GetTempPathA
GetTempFileNameA
lstrlenA
ExitProcess
CopyFileA
GetFileAttributesA
SetFileAttributesA
Sleep
GetFileSize
SetFilePointer
ReadFile
CreateFileA
WriteFile
CloseHandle
WideCharToMultiByte
GetProcessHeap
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
HeapReAlloc
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
LCMapStringA
LCMapStringW
UnhandledExceptionFilter

user32

GetDesktopWindow
EnumChildWindows
GetClassNameA
GetWindowTextA
GetParent
FindWindowExA

advapi32

LookupAccountSidA
OpenProcessToken
GetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges
SetEntriesInAclA
SetSecurityInfo

shell32

CommandLineToArgvW
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteExA
SHChangeNotify

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
VariantInit
VariantClear

oleacc

AccessibleObjectFromWindow
WindowFromAccessibleObject
GetRoleTextA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 348KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39491e6fb8146eda33db39c326beb7fe

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

oleacc

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 348KB - Virtual size: 346KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 348KB - Virtual size: 346KB