6a29e203d24319109b5fdd0e8717a3e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a29e203d24319109b5fdd0e8717a3e1_JaffaCakes118
Size

6.4MB
MD5

6a29e203d24319109b5fdd0e8717a3e1
SHA1

a6d340933847ddedaae60f146d51f54b132feac4
SHA256

25a6aadc64834b8f685d78e3d9a44e566a743809c5a460e16c2f2583668260bf
SHA512

04f33b3010772d1e72755d83683c5fc6e0cedf5fea7902023c6a32fddf04b3f398fc94234d86327dbfc9a4d191e8712f4b92813e3ebffd00ce3df5d709ba79a7
SSDEEP

196608:Uo0Eg1eh5RCjXnouy6NlkSdgTEFpL2M5NClL0:Uo0B4hTIXnly2augTEnCMPuL0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a29e203d24319109b5fdd0e8717a3e1_JaffaCakes118

Files

6a29e203d24319109b5fdd0e8717a3e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46126291da71b1d1c3ac4118b54ee767

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
GetFileInformationByHandle
CreateFileA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
Sleep
ResumeThread
CreateThread
GlobalFree
GlobalAlloc
GetPrivateProfileIntA
GetPrivateProfileStringA
Process32Next
TerminateProcess
OpenProcess
Module32First
Process32First
CreateToolhelp32Snapshot
WritePrivateProfileStringA
GetSystemDirectoryA
LockResource
LoadResource
SizeofResource
FindResourceA
WinExec
GetWindowsDirectoryA
FreeLibrary
GetVersionExA
GetCurrentProcess
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FileTimeToDosDateTime
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetTimeZoneInformation
InitializeCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
GetCPInfo
GetOEMCP
GetACP
SetStdHandle
GetStdHandle
SetHandleCount
SetEndOfFile
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapSize
VirtualQuery
GetFileAttributesA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetTempPathA
GetModuleFileNameA
CopyFileA
DeleteFileA
LoadLibraryA
GetModuleHandleA
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
WriteFile
ReadFile
GetFileType
HeapFree
HeapAlloc
CreateDirectoryA
WideCharToMultiByte
MultiByteToWideChar
GetSystemDefaultLangID
GetLocalTime
DeviceIoControl
ExitProcess
RtlUnwind
FindClose
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
RemoveDirectoryA

user32

SetDlgItemTextA
ShowWindow
SetWindowTextA
FindWindowA
GetDlgItemInt
SetFocus
ExitWindowsEx
OffsetRect
MoveWindow
LoadStringA
LoadIconA
LoadCursorA
DestroyIcon
SetForegroundWindow
RegisterClassA
DefWindowProcA
PostQuitMessage
GetClientRect
LoadImageA
InflateRect
DrawTextA
GetMessageA
EnableWindow
CreateWindowExA
PeekMessageA
DispatchMessageA
TranslateMessage
MessageBoxA
EnumWindows
GetDlgItemTextA
GetCursorPos
GetWindowRect
LoadBitmapA
IsDlgButtonChecked
GetParent
PostMessageA
CheckRadioButton
SendDlgItemMessageA
wvsprintfA
DialogBoxParamA
wsprintfA
GetWindowLongA
EndDialog
SetWindowLongA
GetDesktopWindow
GetDlgItem
SendMessageA
FillRect

gdi32

CreateCompatibleDC
SetStretchBltMode
StretchBlt
DeleteDC
CreateSolidBrush
CreateFontIndirectA
SelectObject
SetBkMode
SetTextColor
DeleteObject
GetStockObject
GetObjectA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoInitialize
CoUninitialize

setupapi

SetupOpenInfFileA
SetupGetLineByIndexA
SetupGetLineTextA
SetupGetLineCountA
SetupCloseInfFile

msimg32

GradientFill

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46126291da71b1d1c3ac4118b54ee767

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

setupapi

msimg32

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 21KB

.rsrc Size: 112KB - Virtual size: 110KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 21KB

.rsrc
Size: 112KB - Virtual size: 110KB