6f7e019969b00edde96f2cf4809c3abf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6f7e019969b00edde96f2cf4809c3abf_JaffaCakes118
Size

434KB
MD5

6f7e019969b00edde96f2cf4809c3abf
SHA1

ce944d665e3af9e66750f32fb5a4d0d47d5ab947
SHA256

936cf3f2693ee40a221456a86197cd11aef05101dbe5eac850cb990278cfeece
SHA512

9478159eb08fc250738150586013b75a1e7ea382b3a469e610f7abd6b72ec6f6df227bc9e6ea6043d566a0867cb0b34c2c6c484c6e6f54e5a828889ecf964ce7
SSDEEP

3072:sSdSpPHYmeXRcQUeUv+UFJYRdtUXo8C4QeoaBovo3yyIu/7wNIMcD:ssCYmeXWQUeUGntUXu4QfaBosIuc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f7e019969b00edde96f2cf4809c3abf_JaffaCakes118

Files

6f7e019969b00edde96f2cf4809c3abf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb68180d1fdc06fa80f29ea376ded771

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

gdi32

CreateBrushIndirect
CreateRoundRectRgn
GetStockObject
SetBkMode
SetTextColor

gdiplus

GdipAlloc
GdipCloneBrush
GdipCloneImage
GdipCreateBitmapFromScan0
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipCreateSolidFill
GdipCreateStringFormat
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeletePrivateFontCollection
GdipDeleteStringFormat
GdipDisposeImage
GdipDrawImageRectI
GdipDrawString
GdipFree
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipLoadImageFromStream
GdipReleaseDC
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdiplusShutdown
GdiplusStartup

kernel32

AddAtomA
CloseHandle
CreateMutexA
CreateMutexW
CreateSemaphoreA
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FindAtomA
FindResourceW
FreeLibrary
FreeResource
GetAtomNameA
GetCommandLineA
GetCurrentProcess
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GlobalAlloc
GlobalLock
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
Module32FirstW
Module32NextW
OpenProcess
Process32FirstW
Process32NextW
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAllocEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WriteProcessMemory

msvcrt

_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_winmajor
abort
abs
atexit
calloc
fclose
fopen
fputc
fputs
free
fwrite
malloc
memcpy
memset
pow
realloc
signal
sin
sprintf
strcmp
strcpy
vfprintf
wcscmp
wcscpy

ole32

CreateStreamOnHGlobal

shell32

ShellExecuteA
Shell_NotifyIconW

user32

BeginPaint
CallNextHookEx
DialogBoxParamW
EndDialog
EndPaint
FindWindowW
GetClientRect
GetDlgItem
GetForegroundWindow
GetWindowLongW
GetWindowRect
GetWindowThreadProcessId
InvalidateRect
LoadIconW
MessageBoxW
PostMessageW
ScreenToClient
SendMessageW
SetTimer
SetWindowLongW
SetWindowRgn
SetWindowsHookExW
ShowWindow
UpdateWindow

winmm

PlaySoundW
waveOutClose
waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

Sections

Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cb68180d1fdc06fa80f29ea376ded771

Headers

File Characteristics

Imports

advapi32

gdi32

gdiplus

kernel32

msvcrt

ole32

shell32

user32

winmm

Sections

Size: 296KB - Virtual size: 296KB

Size: 44KB - Virtual size: 44KB

.rsrc Size: 90KB - Virtual size: 92KB

.rsrc
Size: 90KB - Virtual size: 92KB