6ef068b40fa937aaee596944bdfb0b1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6ef068b40fa937aaee596944bdfb0b1a_JaffaCakes118
Size

585KB
MD5

6ef068b40fa937aaee596944bdfb0b1a
SHA1

cb1a931088ac7d9d3ee5c1ca3345fb7eaa267d26
SHA256

d2ea45465cc0e8a0b0b723b66ed7b46037d5015dccf3117b7407afc1a943baa3
SHA512

0c24ca789742abef5039168778990c4d6c33082d3c8616d0ba0a2864b8af7c5d1ae1bbd7a8bb10613dd16654af218a43157d792ccff69478fe49b07c178fc178
SSDEEP

12288:LntS4vQa+KnffoMNYYr5wAs+cx5kib6SuQy+8Pv6EuTcypqe+RNhvgGCm:ZznoGYhlhk7HQ2v6EuQypqR6B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ef068b40fa937aaee596944bdfb0b1a_JaffaCakes118

Files

6ef068b40fa937aaee596944bdfb0b1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7db65e82a45eb72e66cc9d2953b540b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
SHBrowseForFolder
SHFreeNameMappings
SheGetDirA
ShellExecuteExW
ShellAboutA
SHUpdateRecycleBinIcon
SHGetPathFromIDListA
ExtractAssociatedIconExA
ShellExecuteEx
DoEnvironmentSubstW
SHGetPathFromIDListW
SHLoadInProc

comdlg32

PageSetupDlgA
GetFileTitleW
FindTextW
ChooseFontW
ReplaceTextW
GetOpenFileNameW
LoadAlterBitmap
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
PrintDlgA
ReplaceTextA
PageSetupDlgW
ChooseColorW
ChooseFontA
PrintDlgW
ChooseColorA

wininet

InternetTimeFromSystemTimeA
RetrieveUrlCacheEntryStreamW
RunOnceUrlCache
GopherCreateLocatorA
GopherGetLocatorTypeA
InternetTimeFromSystemTimeW
HttpSendRequestExA
FindFirstUrlCacheEntryExW

advapi32

RegSetValueExA
CryptEnumProvidersW
RegSetValueA
RegQueryValueW
CryptDuplicateKey
CryptContextAddRef
RegEnumValueA
CryptGetKeyParam
CryptGetUserKey
LookupSecurityDescriptorPartsW
LookupPrivilegeDisplayNameW
RegCreateKeyExA
LogonUserA
CryptEnumProviderTypesW
CryptReleaseContext

kernel32

GetProcessHeap
GetModuleFileNameW
SetEnvironmentVariableA
FindClose
RtlUnwind
ReleaseMutex
CreateFileA
GetEnvironmentStringsW
LoadLibraryA
InitializeCriticalSection
GetModuleFileNameA
GetCurrentThread
GlobalHandle
VirtualAlloc
LocalFree
GetProcAddress
GetLocaleInfoW
lstrlen
TerminateProcess
IsBadReadPtr
GetCurrentProcess
CloseHandle
LoadLibraryW
GetEnvironmentStrings
GetTimeZoneInformation
ExitProcess
CompareStringW
GetCommandLineA
TlsAlloc
QueryPerformanceCounter
TlsSetValue
GetVersionExA
RaiseException
HeapDestroy
GetConsoleMode
lstrcat
GetOEMCP
HeapValidate
GetLocaleInfoA
SetConsoleCtrlHandler
GetACP
FileTimeToLocalFileTime
GetCPInfo
FreeEnvironmentStringsA
GetDateFormatA
lstrlenA
HeapFree
ReleaseSemaphore
LCMapStringW
GetStringTypeA
SetLastError
GetCurrentProcessId
GetStringTypeW
OutputDebugStringW
GetConsoleOutputCP
HeapCreate
EnumSystemLocalesA
IsValidLocale
CompareStringA
IsValidCodePage
FreeLibrary
InterlockedIncrement
WideCharToMultiByte
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
EnterCriticalSection
TlsGetValue
HeapAlloc
GetFileType
InterlockedExchange
GetStartupInfoA
SetHandleCount
GlobalFlags
GetStdHandle
GetConsoleCP
GetTimeFormatA
SetStdHandle
LocalUnlock
WriteConsoleA
TlsFree
LeaveCriticalSection
SetFilePointer
FlushFileBuffers
GetTickCount
GetModuleHandleA
SetFileTime
GetFileAttributesA
VirtualQuery
IsDebuggerPresent
lstrcatW
LCMapStringA
DeleteCriticalSection
InterlockedDecrement
GetCurrentThreadId
WriteConsoleW
MultiByteToWideChar
WriteFile
GetLastError
DebugBreak
FreeEnvironmentStringsW
VirtualFree
ExitThread
HeapReAlloc
OutputDebugStringA
UnhandledExceptionFilter
GetUserDefaultLCID

user32

OpenWindowStationA
UnhookWindowsHookEx
DrawStateA
CreateWindowExA
SetMessageExtraInfo
MonitorFromPoint
UnpackDDElParam
ShowWindow
EnumWindows
DispatchMessageW
CreateMDIWindowA
SendInput
ReleaseDC
RegisterDeviceNotificationA

Sections

.text
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7db65e82a45eb72e66cc9d2953b540b

Headers

File Characteristics

Imports

shell32

comdlg32

wininet

advapi32

kernel32

user32

Sections

.text Size: 262KB - Virtual size: 261KB

.data Size: 312KB - Virtual size: 326KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 262KB - Virtual size: 261KB

.data
Size: 312KB - Virtual size: 326KB

.rsrc
Size: 10KB - Virtual size: 10KB