6aa0489b493b52ac91805a16445b12fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6aa0489b493b52ac91805a16445b12fc_JaffaCakes118
Size

109KB
MD5

6aa0489b493b52ac91805a16445b12fc
SHA1

4df22d709b09309d707a658e9484eaf5085d8f4e
SHA256

c30e8e626752c57fea76389d85199139ccba191bf931582a57de4db34da05d45
SHA512

093f7fde45c6a492fb769b2b093da8a5e62cd908d0dabfe722f634f5f02a683b05a01efdf187592ee05127a6b7337afe2d706fd8fd181e5f645f73e9d970f7ac
SSDEEP

1536:tDWMPGQ31Dxlhd2T9GoGNbrM4HJPAcGjziWRTz9S0flp4g5RJ+Ilqd:YMPGUbl/2xGoGprpRUznRTz9SP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aa0489b493b52ac91805a16445b12fc_JaffaCakes118

Files

6aa0489b493b52ac91805a16445b12fc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

abfdadd685d16a3e24d2f2b39bb3593b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleBitmap
StartPage
DeleteDC
PatBlt
CreateFontIndirectA
SetBitmapDimensionEx
RealizePalette
SetViewportOrgEx
CreatePenIndirect
SetPaletteEntries
GetTextExtentPoint32W
SetWindowExtEx
GetSystemPaletteEntries
Polygon
GetFontData
CreateCompatibleDC
SelectObject
MoveToEx

comdlg32

FindTextW
ChooseColorW
GetSaveFileNameW

user32

SendNotifyMessageW
CreateIconIndirect
SetWindowPlacement
TileWindows
LockWindowUpdate
DestroyCaret
TranslateAcceleratorW
AdjustWindowRectEx
InflateRect
GetDC
AdjustWindowRect
GetSystemMetrics
GetFocus
DrawFrameControl
FindWindowW
keybd_event
CharNextW
TrackPopupMenuEx
ReleaseDC
GetPropW
InvertRect
CreateCaret
DefWindowProcA
GetClassInfoExW
IsWindowUnicode
SetScrollPos
CopyRect
SendDlgItemMessageW
BringWindowToTop
DestroyIcon
GetForegroundWindow
GetSysColor
AllowSetForegroundWindow
LoadBitmapW
DestroyWindow
GetScrollRange
GetNextDlgGroupItem
EnumWindows
DialogBoxIndirectParamA
GetKeyboardLayoutNameW
TranslateAcceleratorA
GetMenuState
CheckMenuItem
CreateWindowExA

kernel32

DeleteFileA
FreeResource
LocalLock
FlushViewOfFile
GetSystemDirectoryA
FindFirstFileA
GetProcessHeap
GetModuleHandleA
PulseEvent
EnumResourceNamesW
OpenSemaphoreW
LocalFree
VerifyVersionInfoW
GetTimeFormatA
HeapFree
HeapAlloc
Sleep
LoadLibraryW
HeapReAlloc
FileTimeToSystemTime
VirtualQuery
QueryPerformanceCounter
EscapeCommFunction
OpenFileMappingW

msvcrt

_controlfp
__set_app_type
__p__fmode
mbtowc
__p__commode
_amsg_exit
_initterm
strncmp
wcstol
_acmdln
iswspace
exit
_ismbblead
wcscmp
_XcptFilter
realloc
strcspn
getc
_exit
_cexit
strncpy
isprint
printf
__setusermatherr
__getmainargs
strtoul

shlwapi

StrToIntA
PathRemoveBlanksW
StrNCatW

Exports

Exports

?HideWindowA@@YGKPAFJFM*Z
?OnTimerA@@YGPAKPADPAGPAK*Z
?HideWidthOriginal@@YGKIF*Z
?OnFullNameExA@@YGMPAHK*Z
?SetPathW@@YGPAFF*Z
?SetObjectOld@@YGKPAJKHM*Z
?FormatRectEx@@YGPAHDF*Z

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ditxt
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dimp
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvr
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dpt
Size: 512B - Virtual size: 485B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abfdadd685d16a3e24d2f2b39bb3593b

Headers

File Characteristics

Imports

gdi32

comdlg32

user32

kernel32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.ditxt Size: 512B - Virtual size: 496B

.dimp Size: 3KB - Virtual size: 2KB

.dbug Size: 512B - Virtual size: 28B

.dbg Size: 512B - Virtual size: 92B

.dvr Size: 512B - Virtual size: 140B

.dpt Size: 512B - Virtual size: 485B

.data Size: 3KB - Virtual size: 134KB

.rsrc Size: 146KB - Virtual size: 146KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 66KB - Virtual size: 65KB

.ditxt
Size: 512B - Virtual size: 496B

.dimp
Size: 3KB - Virtual size: 2KB

.dbug
Size: 512B - Virtual size: 28B

.dbg
Size: 512B - Virtual size: 92B

.dvr
Size: 512B - Virtual size: 140B

.dpt
Size: 512B - Virtual size: 485B

.data
Size: 3KB - Virtual size: 134KB

.rsrc
Size: 146KB - Virtual size: 146KB

.reloc
Size: 1KB - Virtual size: 1KB