6ad276ddd90b1085cd13eb59476fedc7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6ad276ddd90b1085cd13eb59476fedc7_JaffaCakes118
Size

400KB
MD5

6ad276ddd90b1085cd13eb59476fedc7
SHA1

245c2b0f70b78754c5834666f7112c82370a5e91
SHA256

972ec9312c329a04494c7ded113be5fe3abc90f8fc8c8ebbe491dadf5265c6e2
SHA512

d71d6a0ab125afdad1f62b52d1fecb1a24ce77ec5ebd2aadf252099e9a35de6196aabe158dabfbb6a1745d09f985c896b044b6b4934fa61bbca6f15d00e3b97e
SSDEEP

12288:cJfOiUWMssT5TlM3r8weW4EN9lKOh5ENF:GWi/AT2KyQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ad276ddd90b1085cd13eb59476fedc7_JaffaCakes118

Files

6ad276ddd90b1085cd13eb59476fedc7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

500ab6228e1d874579d4bf9e5d0c635c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\lapzcjx\n

Imports

kernel32

DeleteFileW
GetSystemTimeAsFileTime
CompareStringW
GetUserDefaultLCID
SetLastError
ExitProcess
GetCurrentProcessId
OpenWaitableTimerW
GetLocaleInfoA
LoadLibraryA
LeaveCriticalSection
SetEnvironmentVariableA
GetEnvironmentStrings
FreeEnvironmentStringsW
lstrcmpiA
ReadFile
GetACP
HeapSize
FindNextFileA
CreateFileA
SystemTimeToTzSpecificLocalTime
SetFilePointer
SetCurrentDirectoryW
CreateProcessA
GetStringTypeA
HeapValidate
TlsGetValue
GetVersionExA
FlushFileBuffers
SetCriticalSectionSpinCount
GetDiskFreeSpaceExA
GetLastError
GetDateFormatW
CreateFileMappingA
GetModuleFileNameA
SetTimeZoneInformation
DeleteCriticalSection
IsValidLocale
TransmitCommChar
HeapReAlloc
RaiseException
GetStartupInfoA
HeapDestroy
SetStdHandle
GetStdHandle
FreeEnvironmentStringsA
IsValidCodePage
RtlUnwind
CreateMutexA
LCMapStringA
GetEnvironmentStringsA
GetEnvironmentStringsW
IsDebuggerPresent
WideCharToMultiByte
LCMapStringW
CreateEventA
TlsSetValue
CreateFileMappingW
GetCurrentThread
IsBadWritePtr
MultiByteToWideChar
GetSystemInfo
TlsAlloc
WriteFile
UnhandledExceptionFilter
GetCurrentProcess
GetStringTypeW
GetTickCount
InterlockedIncrement
VirtualQuery
EnterCriticalSection
VirtualProtect
CreatePipe
GetTimeFormatA
OpenMutexA
EnumSystemLocalesA
TerminateProcess
HeapAlloc
GetCPInfo
CreateNamedPipeW
GetDateFormatA
GetCurrentThreadId
GetLocaleInfoW
WriteConsoleOutputA
LocalReAlloc
HeapFree
WaitForSingleObject
VirtualFree
GetOEMCP
GetTimeZoneInformation
GetModuleHandleA
WriteConsoleInputA
InitializeCriticalSection
HeapCreate
CompareStringA
GetFileType
TlsFree
CloseHandle
GetCommandLineA
QueryPerformanceCounter
InterlockedExchange
VirtualAlloc
SetVolumeLabelA
GetProcAddress
SetHandleCount
DebugBreak

user32

ShowCaret
DlgDirSelectExA
RegisterClassA
GetScrollPos
WINNLSGetIMEHotkey
ShowOwnedPopups
CreateDialogParamW
DdeDisconnectList
MessageBoxIndirectW
MessageBoxA
CascadeChildWindows
InsertMenuA
CallWindowProcA
EnumDisplayDevicesA
IsCharUpperA
EnumThreadWindows
GetKeyboardState
ShowCursor
GetWindowRgn
CharNextW
SetPropW
IsDialogMessageA
ChangeClipboardChain
RegisterClassExA
PaintDesktop
GetWindowInfo
SetDeskWallpaper
DestroyAcceleratorTable
GetKeyboardLayout
DrawIcon
GetInputDesktop
DestroyWindow
CreateWindowStationA
IsWindowUnicode
SetWindowTextA
IsDlgButtonChecked
GetWindowModuleFileNameA
DefWindowProcW
CharLowerW
GetKeyboardLayoutList
SetSystemCursor
CallWindowProcW
CreateWindowExA
GetWindowDC
GetMenuContextHelpId
SendMessageW
DrawTextW
EnumClipboardFormats
OpenDesktopA
SetClipboardData
MessageBoxW
GetProcessDefaultLayout
SetClipboardViewer
GetClipboardFormatNameW
DlgDirListA
GetClipCursor
GetSystemMenu
GetMenuStringW
ShowWindow
SetWindowsHookA
ToAsciiEx
IsCharAlphaW
IsWindowEnabled
ToUnicodeEx
GetSysColor
GetTopWindow
SetKeyboardState
InternalGetWindowText
ChangeDisplaySettingsA
MapVirtualKeyExA
AppendMenuW
SetTimer
MapVirtualKeyA

shell32

SHBrowseForFolder
SHQueryRecycleBinW

comdlg32

GetFileTitleA

comctl32

CreateStatusWindowA
ImageList_Replace
ImageList_SetIconSize
ImageList_DragLeave
CreateToolbarEx
ImageList_SetFlags
ImageList_GetDragImage
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_Merge
ImageList_GetIcon
_TrackMouseEvent
ImageList_Draw
DrawStatusText
InitCommonControlsEx
ImageList_GetBkColor
ImageList_DragShowNolock
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_DragEnter
ImageList_EndDrag
ImageList_Add
CreateStatusWindowW
CreateUpDownControl

advapi32

CryptSetProviderW
RegSetValueExW
CryptExportKey
LookupSecurityDescriptorPartsW
RegSetKeySecurity
CryptAcquireContextW
RegEnumKeyExA
CryptAcquireContextA
LookupAccountSidA
CryptEnumProviderTypesA
CryptReleaseContext
CryptSignHashA
RegCreateKeyExA
RegConnectRegistryA
RegQueryValueExA
RegSetValueA
LookupPrivilegeValueW
CreateServiceA
LogonUserW
CryptSetProviderExW
CryptHashData

Sections

.text
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

500ab6228e1d874579d4bf9e5d0c635c

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

comdlg32

comctl32

advapi32

Sections

.text Size: 144KB - Virtual size: 142KB

.rdata Size: 140KB - Virtual size: 137KB

.data Size: 100KB - Virtual size: 119KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 144KB - Virtual size: 142KB

.rdata
Size: 140KB - Virtual size: 137KB

.data
Size: 100KB - Virtual size: 119KB

.rsrc
Size: 12KB - Virtual size: 11KB