6a7d426c707833d28a846dd0feb154d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a7d426c707833d28a846dd0feb154d7_JaffaCakes118
Size

244KB
MD5

6a7d426c707833d28a846dd0feb154d7
SHA1

75b90733c19cb507c60bebf43b5f1784df7b1583
SHA256

57cca9b04acacb79c7339376df74b546651abc783dcb160ea129ea15116e074d
SHA512

b6440a68592b73721038fd2157eb1c7390fe1acd55f97b1c006670422aba5dcbc29f10682d2525b60b7888fb8c8ec8baf9887432ad67055c3812efb4b732b0dd
SSDEEP

6144:0z3lafn2RxdWtBleuC7Utnckyjbk5ynrBl+M5pWK:C3M6aleuC7cniI54SWQK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a7d426c707833d28a846dd0feb154d7_JaffaCakes118

Files

6a7d426c707833d28a846dd0feb154d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7745557cdcccefc1b93b6625d71d1d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetFileType
FlushFileBuffers
GetLocaleInfoW
GetTempFileNameW
FileTimeToDosDateTime
TlsSetValue
GetEnvironmentStrings
GetStringTypeExW
GetNamedPipeInfo
GetStdHandle
GlobalUnfix
GetVersion
ReadConsoleOutputCharacterA
GetThreadLocale
InterlockedIncrement
WaitForMultipleObjectsEx
ConvertDefaultLocale
LoadLibraryA
HeapFree
WriteConsoleW
RaiseException
GetEnvironmentStringsW
FormatMessageW
LCMapStringA
VirtualAllocEx
LCMapStringW
SetFilePointer
VirtualQuery
DeleteCriticalSection
WriteConsoleOutputW
GetProfileStringW
VirtualAlloc
OpenProcess
GetProfileIntA
CopyFileA
GetCPInfo
GetAtomNameW
GetNamedPipeHandleStateA
LocalSize
GetExitCodeProcess
HeapDestroy
EnumDateFormatsA
HeapReAlloc
GetACP
GetStringTypeW
ReleaseSemaphore
CreateThread
ReadFile
GetLocalTime
RtlUnwind
CompareStringW
DuplicateHandle
IsDebuggerPresent
QueryPerformanceCounter
GetPriorityClass
WideCharToMultiByte
GetProfileIntW
LeaveCriticalSection
MapViewOfFileEx
GetCommandLineA
HeapCreate
OpenWaitableTimerA
GetLocaleInfoA
SetHandleCount
FreeEnvironmentStringsW
MultiByteToWideChar
WaitForMultipleObjects
HeapValidate
GetFileAttributesExW
OpenSemaphoreW
TlsGetValue
GetSystemTime
GetTimeZoneInformation
VirtualFree
lstrcmp
LockFileEx
EnterCriticalSection
TryEnterCriticalSection
lstrcatA
WriteFile
IsBadWritePtr
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetCalendarInfoA
FillConsoleOutputCharacterW
TlsAlloc
HeapAlloc
SetPriorityClass
SetLastError
EnumTimeFormatsA
WriteProfileSectionW
CompareStringA
ExitProcess
EnumTimeFormatsW
GetStringTypeA
GetCurrentProcess
GetCurrentThread
IsBadReadPtr
CreateFileW
OpenEventW
ReadConsoleInputA
InterlockedDecrement
GetProfileSectionA
GetModuleFileNameA
SetConsoleTitleW
GetCurrentThreadId
lstrcpyA
SetStdHandle
GetCompressedFileSizeW
OpenMutexA
CloseHandle
OpenFileMappingA
GetLastError
CreateMutexA
GetProcAddress
GetOEMCP
GetCurrentProcessId
InterlockedExchange
InitializeCriticalSection
TlsFree
GetSystemTimeAsFileTime
TerminateProcess
CreateProcessA
GlobalFindAtomA
IsValidLocale
GetStartupInfoA
UnlockFile
UnhandledExceptionFilter
GetModuleHandleA

comdlg32

LoadAlterBitmap
ChooseFontW

advapi32

CryptVerifySignatureW
CryptSignHashA
CryptGetUserKey
RegSaveKeyA
CryptDestroyHash
CreateServiceA
CryptSetProviderExA
CryptContextAddRef
DuplicateTokenEx
LookupPrivilegeValueA
RegQueryValueExA
LookupSecurityDescriptorPartsA
LookupPrivilegeDisplayNameA
AbortSystemShutdownW
RegRestoreKeyW
RegCreateKeyW
LookupPrivilegeNameA
RevertToSelf

user32

GetClassNameW
DdeKeepStringHandle
InsertMenuW
MessageBoxExA
CreateDesktopW
PtInRect
GetDC
GetWindowInfo
ShowWindow
SendMessageTimeoutW
DestroyWindow
RegisterWindowMessageA
GetShellWindow
DdeAccessData
SetShellWindow
GetClassInfoW
RegisterClassA
DrawIconEx
CopyRect
CreateWindowExW
SetClipboardViewer
CloseWindow
TrackPopupMenuEx
RegisterClassExA
TranslateAcceleratorA
CreateIcon
DefWindowProcA
WinHelpA
MessageBoxA
DefDlgProcW
CharLowerBuffW
GetClassLongW

wininet

InternetDial
InternetShowSecurityInfoByURL
GetUrlCacheGroupAttributeA
LoadUrlCacheContent
InternetConfirmZoneCrossingW
InternetGetConnectedStateEx

shell32

SHGetNewLinkInfo
ShellExecuteExW
SHInvokePrinterCommandW

comctl32

ImageList_GetIcon
_TrackMouseEvent
ImageList_LoadImage
InitMUILanguage
InitCommonControlsEx
ImageList_Remove
CreatePropertySheetPage
DrawInsert
MakeDragList
ImageList_SetFilter

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7745557cdcccefc1b93b6625d71d1d1

Headers

File Characteristics

Imports

kernel32

comdlg32

advapi32

user32

wininet

shell32

comctl32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 72KB - Virtual size: 68KB

.data Size: 88KB - Virtual size: 97KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 72KB - Virtual size: 68KB

.data
Size: 88KB - Virtual size: 97KB

.rsrc
Size: 24KB - Virtual size: 20KB