Static task: static1
Behavioral task: behavioral1
Sample: 6f1f2800fb380c9b191ffff5b7f161f1_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 6f1f2800fb380c9b191ffff5b7f161f1_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 6f1f2800fb380c9b191ffff5b7f161f1_JaffaCakes118
Size: 160KB
MD5: 6f1f2800fb380c9b191ffff5b7f161f1
SHA1: 09cfb6c3499ca7c8017c67972565fd47b3e1bc81
SHA256: 1d734da2a67b2c80256526e92694048b4bdefb17f2635da3a8dfd96be91185e6
SHA512: 8cd9d7d5a67911582b33cd728b13698b0bf39844916f402cc9bc8be06de220469f3505c0cda96fa686c10c2d3b2f5bc64c27a5ef1d154416755c5a0cbf366c5d
SSDEEP: 3072:jZ8I9oXB9AAAx7iu0KK5iARXcmnzLh/lZObC8Y:jXoAdvHutTOb+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6f1f2800fb380c9b191ffff5b7f161f1_JaffaCakes118
Files
6f1f2800fb380c9b191ffff5b7f161f1_JaffaCakes118.exe windows:4 windows x86 arch:x86
e5838d2e400eeb058bf18b60791a780f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThreadId
WaitForSingleObject
CreateThread
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
ExitProcess
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
GetShortPathNameA
SystemTimeToFileTime
lstrcpynA
GetPrivateProfileSectionA
ReleaseMutex
GetSystemTime
TerminateThread
WinExec
CreateDirectoryA
lstrcmpiA
FindClose
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetTickCount
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapFree
GetSystemDirectoryA
GetModuleFileNameA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateMutexA
GetLastError
GetStringTypeExA
GetThreadLocale
OutputDebugStringA
DebugBreak
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTempPathA
SetFileTime
GetFileTime
DeleteFileA
CopyFileA
GetFileSize
WriteFile
ReadFile
CloseHandle
CreateFileA
InterlockedIncrement
GetSystemDefaultLangID
lstrcpyA
lstrcatA
lstrlenA
RtlUnwind
lstrcmpA
InterlockedDecrement
user32
LoadImageA
GetSystemMetrics
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindow
SetClassLongA
KillTimer
EndPaint
DrawIconEx
DrawTextA
ReleaseDC
GetDC
BeginPaint
PostThreadMessageA
PostQuitMessage
SendMessageTimeoutA
BringWindowToTop
CharUpperA
DialogBoxParamA
EndDialog
UpdateWindow
GetWindowTextA
MoveWindow
CreateWindowExA
RegisterClassExA
GetClassInfoExA
SetWindowTextA
GetDlgItem
GetParent
GetWindowLongA
GetCapture
InvalidateRect
SetCapture
GetWindowRect
ClientToScreen
PtInRect
ReleaseCapture
LoadCursorA
SetCursor
GetPropA
CallWindowProcA
RemovePropA
CharLowerA
SendMessageA
SetWindowLongA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
DestroyWindow
CreateDialogParamA
LoadStringA
CharNextA
wsprintfA
wvsprintfA
ShowWindow
SetTimer
SetFocus
IsDialogMessageA
LoadIconA
PostMessageA
SetPropA
gdi32
GetDeviceCaps
DPtoLP
SetBkMode
GetTextExtentPoint32A
CreateCompatibleDC
SelectObject
StretchBlt
DeleteDC
GetObjectA
CreateFontIndirectA
SetTextColor
DeleteObject
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
ole32
OleUninitialize
CoInitialize
CoUninitialize
OleInitialize
ws2_32
recv
inet_ntoa
gethostbyname
inet_addr
send
setsockopt
getprotobyname
socket
WSAStartup
WSACleanup
closesocket
connect
htons
shlwapi
StrToIntA
StrStrIA
shell32
ShellExecuteA
setupapi
SetupIterateCabinetA
wininet
InternetCrackUrlA
comctl32
InitCommonControlsEx
Sections
.text Size: 116KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ