Static task: static1
Behavioral task: behavioral1
Sample: 6a5523a4a4a008a3faf662405668b1a9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 6a5523a4a4a008a3faf662405668b1a9_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 6a5523a4a4a008a3faf662405668b1a9_JaffaCakes118
Size: 224KB
MD5: 6a5523a4a4a008a3faf662405668b1a9
SHA1: 83eb75a1755e858048142fa0017c318c80e6fdb8
SHA256: d7695f4c7cb47e2366e9f4221ade2ba745c5aa5e50b6767d590ac32fff6eeeb8
SHA512: 67582ff3864e1118b4a4069d25df684dcb8f2619be435dd251b710d1650b5c8afd1e723638b8938476991aa774fe04b77fee37b92e0371b6ce9661501d985cbe
SSDEEP: 6144:4IAyWZMBE8F4Z/nnKcXCp+tyaftw6VpMwkU5:4IAyWAEy4ZvKMyM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6a5523a4a4a008a3faf662405668b1a9_JaffaCakes118
Files
6a5523a4a4a008a3faf662405668b1a9_JaffaCakes118.exe windows:4 windows x86 arch:x86
08184d9ce900208ca5949a1c753cf934
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetStockObject
pavedius
_PAVEDIUS_Open@4
_PAVEDIUS_OptionInfo@12
_PAVEDIUS_Close@4
shell32
SHCreateDirectoryExA
kernel32
InterlockedIncrement
GetTickCount
Sleep
CloseHandle
WaitForSingleObject
CreateThread
GetCurrentThreadId
GetCurrentProcess
SetPriorityClass
GetPriorityClass
GetModuleFileNameA
CreateMutexA
FlushFileBuffers
WriteFile
ReleaseMutex
SetFilePointer
CreateFileA
GlobalMemoryStatus
FreeLibrary
LoadLibraryA
GetProcAddress
DeleteFileA
OutputDebugStringA
MultiByteToWideChar
GlobalLock
GlobalUnlock
InterlockedDecrement
WideCharToMultiByte
GetCurrentProcessId
LocalFree
GetModuleHandleA
GetThreadLocale
SetThreadLocale
LeaveCriticalSection
GetStartupInfoA
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLastError
lstrlenA
FindFirstFileA
GetSystemInfo
GetVersionExA
FindClose
oleaut32
VariantClear
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
GetErrorInfo
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SysStringLen
VariantChangeType
VariantInit
ole32
CoInitialize
CoUninitialize
GetHGlobalFromStream
CreateStreamOnHGlobal
CLSIDFromString
CoCreateInstance
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
netapi32
NetWkstaGetInfo
NetApiBufferFree
NetWkstaUserGetInfo
ws2_32
WSACleanup
WSAGetLastError
gethostbyname
gethostname
WSAStartup
mfc42
ord860
ord540
ord823
ord939
ord535
ord668
ord3181
ord2781
ord2770
ord356
ord537
ord5710
ord4278
ord6663
ord1158
ord2820
ord3811
ord800
ord825
ord941
msvcrt
_splitpath
strstr
_mbsrchr
vsprintf
strncpy
_stricmp
isalpha
strncmp
wcslen
wcsncpy
sscanf
wcsncmp
isxdigit
strchr
isdigit
toupper
wcscpy
time
memcpy
_makepath
calloc
rand
srand
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
malloc
free
__CxxFrameHandler
_purecall
realloc
_CxxThrowException
_mbscmp
exit
sprintf
memset
wcscmp
_strnicmp
user32
UpdateWindow
RegisterWindowMessageA
DefWindowProcA
InvalidateRect
DispatchMessageA
TranslateMessage
PeekMessageA
ShowWindow
CreateWindowExA
wsprintfA
DestroyWindow
RegisterClassA
msvcp60
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
Sections
.text Size: 140KB - Virtual size: 137KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wniejjg Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE