6a91cc6c00bb830738151ad283fd4367_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a91cc6c00bb830738151ad283fd4367_JaffaCakes118
Size

332KB
MD5

6a91cc6c00bb830738151ad283fd4367
SHA1

1bd6d6ecd9755828d88f4651d029dd2d0d1efebd
SHA256

58971206a60a894323617c387a14736cb5b579b24b9682af76166ab1027a5770
SHA512

e0dbf26e42c6714e8b97772bcfae74a66471b2bdc87ee6ef1087685a9b1a356a8ccd19d9318d236cc102a085bc34c6b0f696904345da688c79b66abf68cd1966
SSDEEP

6144:EcLwjfC2qPvPKUasyxPoBBo9zo2PozzdBEDOg0vHksnXUw1SBYo4:QjfC2k3KUasyYa9zngzdBEivvBEw0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a91cc6c00bb830738151ad283fd4367_JaffaCakes118

Files

6a91cc6c00bb830738151ad283fd4367_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35a83364fe0c9d80bf3f95d26a0dc130

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

StartServiceW
RegFlushKey
RegQueryMultipleValuesW
RegQueryMultipleValuesA
RegEnumKeyW
LookupAccountNameA
CreateServiceA
RegSetValueExA
ReportEventA
AbortSystemShutdownW
RegConnectRegistryA
AbortSystemShutdownA

comdlg32

PageSetupDlgA
ChooseFontA
FindTextA
GetSaveFileNameA

comctl32

ImageList_GetIconSize
InitCommonControlsEx
ImageList_GetDragImage
GetEffectiveClientRect
_TrackMouseEvent
ImageList_Write
ImageList_LoadImage
CreateStatusWindowA
DestroyPropertySheetPage

shell32

ExtractIconEx
DoEnvironmentSubstW
ShellExecuteEx
ExtractIconExW

wininet

ShowSecurityInfo
InternetGoOnlineW
InternetFindNextFileW
DeleteUrlCacheEntryA
InternetGetConnectedStateEx
FtpDeleteFileW
InternetTimeToSystemTimeW
InternetSetOptionExW
SetUrlCacheGroupAttributeW

user32

MessageBoxW
DestroyWindow
CreateWindowExW
MessageBoxIndirectW
ShowWindow
SendNotifyMessageW
BroadcastSystemMessageA
DefWindowProcA
RedrawWindow
GetScrollBarInfo
SwitchDesktop
ScreenToClient
WinHelpA
WindowFromPoint
LockWindowUpdate
CharToOemA
GetFocus
RegisterClassExA
CreateMenu
SetRect
SetWindowTextA
CharPrevA
OpenWindowStationA
GetDlgItemInt
SwapMouseButton
InvertRect
GetClassNameA
UnloadKeyboardLayout
GetMenu
DdeDisconnect
MapDialogRect
GetIconInfo
GetThreadDesktop
GetClassLongW
RegisterDeviceNotificationW
EmptyClipboard
RegisterClassA

kernel32

ExitProcess
GetProcessHeap
InterlockedExchange
GetLocaleInfoW
VirtualQuery
InterlockedIncrement
GetCurrentProcessId
GetConsoleCP
GetModuleFileNameA
GetStdHandle
GetEnvironmentStringsW
LeaveCriticalSection
DeleteCriticalSection
CompareStringW
WriteFile
SetEnvironmentVariableA
MultiByteToWideChar
IsValidLocale
QueryPerformanceCounter
GetLastError
UnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCurrentThreadId
InitializeCriticalSection
SetUnhandledExceptionFilter
GetACP
GetCurrentThread
HeapDestroy
TlsSetValue
GetCPInfo
CreateEventA
GetVersionExA
GetFileType
GetCalendarInfoA
VirtualAlloc
GetEnvironmentStrings
LoadLibraryA
GetStringTypeW
Sleep
SetHandleCount
InterlockedDecrement
WideCharToMultiByte
GetModuleHandleA
HeapReAlloc
GetCommandLineA
TerminateProcess
CreateFileA
GetExitCodeProcess
FlushFileBuffers
GetDateFormatA
GetStringTypeA
OpenMutexA
CloseHandle
GetOEMCP
GetSystemTimeAsFileTime
GetTimeFormatA
LCMapStringW
GetConsoleMode
GetConsoleOutputCP
WriteConsoleW
GetUserDefaultLCID
WaitForSingleObjectEx
GetProcAddress
EnterCriticalSection
RtlUnwind
GetTickCount
CreateMutexA
TlsAlloc
WriteConsoleA
GetCurrentProcess
SetFilePointer
SetConsoleCtrlHandler
TlsFree
GetLocaleInfoA
LCMapStringA
EnumSystemLocalesA
SetLastError
VirtualFree
CompareStringA
FreeLibrary
HeapAlloc
FreeEnvironmentStringsA
HeapSize
SetStdHandle
IsValidCodePage
FreeEnvironmentStringsW
GetTimeZoneInformation
HeapCreate
TlsGetValue
GetStartupInfoA
ReadFile

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35a83364fe0c9d80bf3f95d26a0dc130

Headers

File Characteristics

Imports

advapi32

comdlg32

comctl32

shell32

wininet

user32

kernel32

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 92KB - Virtual size: 115KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 92KB - Virtual size: 115KB

.rsrc
Size: 24KB - Virtual size: 22KB