6ab40a9e5be0ac9b74cc2c845884d61d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6ab40a9e5be0ac9b74cc2c845884d61d_JaffaCakes118
Size

132KB
MD5

6ab40a9e5be0ac9b74cc2c845884d61d
SHA1

9992edc7c84670bf1e8bb9e8f0ff92ec98cc9591
SHA256

2f697ab30f5f7bc7d75c620efe28faaf9abc0990892e315700db021d5a693ace
SHA512

38586df734acfe3ef16db9e57a46a59ac3f766e394584b3e69dfbb89f024c81c367960ab237f2827106a90c5335370d389d60105c9f6967c7578a3c9750b7b4a
SSDEEP

1536:tczGXpWH8HywBS2b4WjX2K89sn30aDWughYf6rO7tu1Ky+ppXP5CkCajVYi:ttXj7bRG85IrU5yW1P5rn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ab40a9e5be0ac9b74cc2c845884d61d_JaffaCakes118

Files

6ab40a9e5be0ac9b74cc2c845884d61d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cae0d867bbc9d985218c20d526a2008a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
CloseHandle
WriteFile
CreateFileA
GetTempPathA
CreateThread
GetTickCount
ExitThread
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedDecrement
GetVersionExA
GetLocaleInfoA
lstrlenA
GetDriveTypeA
GlobalFree
GetFileAttributesA
MapViewOfFile
CreateFileMappingA
SetFilePointer
GetFileSize
FindClose
FindNextFileA
GetFullPathNameA
SetCurrentDirectoryA
FindFirstFileA
GetCurrentProcess
ExpandEnvironmentStringsA
GetCurrentDirectoryA
CreateMutexA
GetProcAddress
LoadLibraryA
GetEnvironmentStrings
FreeEnvironmentStringsA
LocalFree
SetFileAttributesA
CopyFileA
GetLastError
Sleep
TerminateProcess
UnmapViewOfFile
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetStringTypeW
GetStringTypeA
HeapSize
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
RaiseException
RtlUnwind
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapFree
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
SetHandleCount
GetStdHandle
GetFileType
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetACP
GetOEMCP
FreeEnvironmentStringsW

user32

SetClipboardData
keybd_event
CharLowerA
CloseClipboard
SetForegroundWindow
SetFocus
VkKeyScanA
OpenClipboard
EmptyClipboard
ShowWindow

advapi32

RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit
VariantClear
SysFreeString
SysAllocString

ws2_32

WSAStartup
WSACleanup
recv
select
connect
socket
htons
closesocket
gethostbyname
inet_addr
sendto
send

urlmon

URLDownloadToFileA

shlwapi

PathRemoveFileSpecA

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cae0d867bbc9d985218c20d526a2008a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

ws2_32

urlmon

shlwapi

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 7KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 7KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 436B