6ef6b86136ea7e13d197298aa0c7967d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6ef6b86136ea7e13d197298aa0c7967d_JaffaCakes118
Size

225KB
MD5

6ef6b86136ea7e13d197298aa0c7967d
SHA1

d3fc38c90d56ed5e69216176a99d091c8251f498
SHA256

e5a113e2a5e26c69b9c3105e67189961f8f7e56e781102303cb11300f0912e30
SHA512

54023cb6eb709ace9e9eb05859dbb6141885a353d4c1ab4a19b0785ae1f3ee088af503875736cbe7ffdc0daadd0a9c81e935fb09fce27e024019b040ac94a692
SSDEEP

6144:ByppFagayDlHp0TFabnUHbcsdfzqEHVOP01:sppFagBpH+TFabnULIP01

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ef6b86136ea7e13d197298aa0c7967d_JaffaCakes118

Files

6ef6b86136ea7e13d197298aa0c7967d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78ba2a8c49c789dd4d35b2b39406811e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

GetCPInfo
TerminateProcess
GetACP
HeapReAlloc
HeapSize
GetOEMCP
LCMapStringW
LCMapStringA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapAlloc
ExitProcess
UnhandledExceptionFilter
VirtualFree
GetStartupInfoA
RaiseException
HeapFree
SetEndOfFile
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
GetFileType
HeapDestroy
GetCommandLineA
CloseHandle
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetSystemTime
GetModuleHandleA
GetLocalTime
SetEnvironmentVariableA
GetTimeZoneInformation
SetCurrentDirectoryA
RtlUnwind
SetErrorMode
GlobalGetAtomNameA
GlobalAddAtomA
GetFileAttributesA
GetFileSize
GetCurrentDirectoryA
WritePrivateProfileStringA
GetProcessVersion
GetVersionExA
TlsSetValue
TlsGetValue
LocalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
DeleteCriticalSection
GlobalHandle
LocalAlloc
TlsAlloc
InitializeCriticalSection
FileTimeToLocalFileTime
SizeofResource
GlobalFlags
FileTimeToSystemTime
GetModuleFileNameA
GetFullPathNameA
SetUnhandledExceptionFilter
FindClose
MultiByteToWideChar
GetVolumeInformationA
FindFirstFileA
GetProcAddress
lstrcpyA
LoadLibraryA
FreeLibrary
VirtualAlloc
UnlockFile
WideCharToMultiByte
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
lstrcpynA
SetLastError
MulDiv
GetStringTypeA
GetStringTypeW
HeapCreate
GetProfileStringA
LockResource
GetWindowsDirectoryA
GetLastError
LocalFree
FormatMessageA
GetFileTime
GetDriveTypeA
LoadResource
FindResourceA
lstrlenA
GlobalFree
GlobalUnlock
GlobalLock
GetCurrentThreadId
lstrcatA
GetVersion
InterlockedIncrement
InterlockedDecrement

user32

ValidateRect
TranslateMessage
GetMessageA
DestroyMenu
GetWindowDC
BeginPaint
GetCursorPos
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
CharUpperA
GetClassNameA
PtInRect
ClientToScreen
GetDesktopWindow
LoadCursorA
GetSysColorBrush
FindWindowA
InvalidateRect
OffsetRect
IntersectRect
InflateRect
ReleaseCapture
WindowFromPoint
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
PostMessageA
UpdateWindow
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
IsWindowVisible
ScreenToClient
LoadStringA
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
MessageBoxA
PostQuitMessage
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetDC
ReleaseDC
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
ShowOwnedPopups
wvsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
EnableWindow
SendMessageA
IsChild
SetCursor
GetCapture
ScrollWindow
GetTopWindow
EndDeferWindowPos
CharNextA
ShowCaret
ExcludeUpdateRgn
HideCaret
DrawFocusRect
DefDlgProcA
UnregisterClassA
IsWindowUnicode

gdi32

GetTextMetricsA
SetBkColor
GetObjectA
CreateBitmap
PatBlt
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
TextOutA
ExtTextOutA
RectVisible
GetTextExtentPointA
Escape
CreateCompatibleDC
CreateDIBitmap
BitBlt
SetTextColor
GetClipBox

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
EnumServicesStatusA
RegEnumKeyExA
RegDeleteValueA
RegCloseKey
QueryServiceConfigA
DeleteService
ControlService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA
RegOpenKeyExA
RegQueryValueExA

shell32

DragFinish
DragQueryFileA

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78ba2a8c49c789dd4d35b2b39406811e

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 135KB - Virtual size: 134KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 17KB - Virtual size: 32KB

.rsrc Size: 39KB - Virtual size: 38KB

.text
Size: 135KB - Virtual size: 134KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 17KB - Virtual size: 32KB

.rsrc
Size: 39KB - Virtual size: 38KB