6af8cde76eb9866414accf6a5356965e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6af8cde76eb9866414accf6a5356965e_JaffaCakes118
Size

154KB
MD5

6af8cde76eb9866414accf6a5356965e
SHA1

b2b91166b2542df50508fbe12db45fc4a3804649
SHA256

071a65239be1b925f5a45bc2589cd16e4ff13c22384fb32e9728262d1858d599
SHA512

a5fee11b3b58a8059d00236394edb96f9c6b9983e708a7b38bd407fdcae725ed51f9e3d2ac3dcfc5ad1b4304cb4f98ac4328647c948d004a8fdc834bfd917bc8
SSDEEP

3072:1d1hnvxNK2xIJZQut065UBVZeod16OqRK/KQfE13NINQgaX:1dzK22JbtJUBTeoT6vRCk6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6af8cde76eb9866414accf6a5356965e_JaffaCakes118

Files

6af8cde76eb9866414accf6a5356965e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a4d4f5a8e47a5c54d5a9e07f26254c9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayUnaccessData
VariantClear
SafeArrayGetLBound
SysAllocStringByteLen

user32

CreateMenu
RegisterClassW
SetRectEmpty
GetKeyNameTextW
UpdateWindow
GetSystemMenu
GetMenuStringW
SetFocus
GetUpdateRect
CharToOemA
SetActiveWindow
PeekMessageA
InvalidateRect
GetMenuStringA
HideCaret
GetMessageA
SetWindowPos
UnpackDDElParam
GetDoubleClickTime
GetMenuItemID
CharLowerBuffA
GetKeyboardLayoutList
DrawIconEx
FrameRect
GetClientRect
GetWindowRect
CreateIcon
GetClassNameW
GetKeyState
LoadIconA
LoadCursorA
DrawFocusRect
GetScrollPos
CheckMenuItem
GetTopWindow
OpenClipboard
SetWindowsHookExA
RegisterClassA
ShowOwnedPopups
SendMessageW
TranslateMessage
GetForegroundWindow
CharUpperA
DestroyWindow
CopyImage
IsDialogMessageA
GetIconInfo
GetKeyboardLayout
CloseClipboard
SubtractRect

gdi32

IntersectClipRect
MoveToEx
BitBlt
CreateBitmap
CreateDIBSection
GetTextAlign
StartPage
GetNearestColor
GetTextMetricsA
CreateDIBitmap
SetDIBColorTable

ole32

StringFromGUID2
OleInitialize
CoUninitialize
CoTaskMemAlloc
CoGetClassObject
DoDragDrop

kernel32

GetTempPathA
TerminateThread
GetDateFormatA
MoveFileA
GetVolumeInformationA
GetFileAttributesA
GetModuleHandleA
GetProcessHeap
CreateFileMappingW
GlobalHandle
GetModuleHandleA
GetProfileStringA
GlobalUnlock
VirtualQueryEx
LeaveCriticalSection
Sleep
MapViewOfFile
WaitForMultipleObjects
GetCurrentThread
SetThreadPriority
TerminateProcess
GlobalLock
CreateProcessA
CloseHandle
GetLocaleInfoA
SuspendThread
MapViewOfFile
IsValidCodePage
SetEndOfFile
GetThreadPriority
LockResource
GlobalAlloc
GetCommandLineW
lstrlenW
UnmapViewOfFile

actictrs

_Stof
_Nan
_Tolower
_Poly
_Strxfrm
_Mbrtowc
_FInf
_FDscale
_Denorm
_Dnorm
_LXbig
_Wcrtomb

winmm

timeEndPeriod

comctl32

ImageList_Replace
ImageList_SetBkColor
ImageList_DragEnter
ImageList_Create

comdlg32

FindTextA
GetSaveFileNameA

shell32

DragAcceptFiles

urlmon

CoInternetCreateZoneManager

wininet

InternetReadFile

Sections

.text
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4d4f5a8e47a5c54d5a9e07f26254c9f

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

gdi32

ole32

kernel32

actictrs

winmm

comctl32

comdlg32

shell32

urlmon

wininet

Sections

.text Size: 145KB - Virtual size: 148KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 145KB - Virtual size: 148KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB