6d4bed776e6c338d674b7b5294d80797_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6d4bed776e6c338d674b7b5294d80797_JaffaCakes118
Size

2.2MB
MD5

6d4bed776e6c338d674b7b5294d80797
SHA1

2bc561a30777457d6e398f3a3ee835ca83f1fc93
SHA256

2fab70fda22b40613db93aec95a8044aa84e84fb2964154f8e0ec770f0cab043
SHA512

38c098e8278011f124914950f061fe221e7e46c8512bc8aad884a5ac36f001e0f054c052fa8dfb1f59a4e76896715979440194c1563b002cd6752eedb76fa674
SSDEEP

49152:YfaG/sv/YzBQsvIE81euCB9RYNOvNNW5SdTykxUWp:OUXKF7BFzTykxV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d4bed776e6c338d674b7b5294d80797_JaffaCakes118

Files

6d4bed776e6c338d674b7b5294d80797_JaffaCakes118
.exe windows:6 windows x86 arch:x86

a08d1c68326c16633e4483e23ff5974d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
HeapQueryInformation
ReadConsoleW
GetTempFileNameA
GetSystemTime
GetCommandLineW
GetSystemTimeAsFileTime
WideCharToMultiByte
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
VirtualAllocEx
CloseHandle
VerLanguageNameA
GetLastError
GetTempPathA
GetSystemDefaultLangID
WaitForSingleObject
EnumUILanguagesW
CreateWaitableTimerW
GetCurrentProcess
SetWaitableTimer
FindFirstFileA
GetFileSizeEx
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
FlushFileBuffers
GetTickCount
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
FormatMessageA
FreeLibrary
SystemTimeToFileTime
GetProcessHeap
GetCurrentProcessId
GetFileSize
LockFileEx
LocalFree
GetProcAddress
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
LoadLibraryW
GetSystemInfo
HeapReAlloc
DeleteFileW
DeleteFileA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
Sleep
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateFileW
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleExW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetStdHandle
ExitProcess
GetFileType
WriteConsoleW
SetConsoleCtrlHandler
GetCurrentThread
GetDateFormatW
GetTimeFormatW
CompareStringW
DecodePointer

user32

GetDlgItemTextA
GetClipboardFormatNameA
GetWindowDC
GetForegroundWindow
GetSystemMetrics
GetShellWindow

gdi32

SetWinMetaFileBits
SetICMProfileA
StretchBlt
GetICMProfileA
SetWindowExtEx
SetViewportExtEx
StrokeAndFillPath
DeleteDC
TextOutW
SetTextColor
SetWorldTransform
UnrealizeObject
WidenPath
SetTextCharacterExtra
SetTextAlign
CreateSolidBrush
DeleteObject
SetStretchBltMode
SetTextJustification
SetViewportOrgEx
TextOutA

advapi32

GetNamedSecurityInfoA

shell32

SHGetFolderLocation
SHBindToParent

ole32

CoInitialize

comctl32

ImageList_LoadImageA
ImageList_DrawEx
ImageList_DragLeave
ImageList_Create
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_DragEnter
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_DrawIndirect
ImageList_Add

msimg32

TransparentBlt

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA

wtsapi32

WTSEnumerateSessionsA

oleacc

GetRoleTextW
GetOleaccVersionInfo

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 730KB - Virtual size: 729KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a08d1c68326c16633e4483e23ff5974d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

msimg32

version

wtsapi32

oleacc

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 186KB - Virtual size: 185KB

.data Size: 9KB - Virtual size: 18KB

.rsrc Size: 730KB - Virtual size: 729KB

.reloc Size: 51KB - Virtual size: 50KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 186KB - Virtual size: 185KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 730KB - Virtual size: 729KB

.reloc
Size: 51KB - Virtual size: 50KB