6f7f01863c9b6232788ef0794c4950d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6f7f01863c9b6232788ef0794c4950d7_JaffaCakes118
Size

464KB
MD5

6f7f01863c9b6232788ef0794c4950d7
SHA1

38059c610c3b0fddcc2b3318afb1001bc7feb153
SHA256

99c98c7ea9ec8baa02299e07d51a7dcef7e7908ab0ebecd61530d4b5bc2b111c
SHA512

5b25d6ce90c9d26d171e14de68937af62c11934da28935442b937133a36da238d655f232167621cc0192989ba32f9b40717bd820346816004221608807f39639
SSDEEP

3072:g7hVy0imQIxQj0xXVQVqPI48zCR7TO6/eb:g7h06QeQj0xXVtPI4J7T0b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f7f01863c9b6232788ef0794c4950d7_JaffaCakes118

Files

6f7f01863c9b6232788ef0794c4950d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4583a93219c035622cbb4ab57cf0a7c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BringWindowToTop
SetForegroundWindow
SetFocus
ShowWindow
keybd_event
VkKeyScanA
GetClassNameA
GetWindowTextA
GetMenu
FindWindowA
IsWindow
SendMessageA
FindWindowExA
EnumWindows

msvcrt

_iob
fprintf
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__CxxFrameHandler
_splitpath
strcspn
??2@YAPAXI@Z
_vsnprintf
malloc
strchr
_strlwr
strcat
strrchr
strcpy
fopen
fseek
ftell
fread
fclose
atoi
strtoul
strstr
free
strcmp
sscanf
memcpy
srand
strncpy
strtok
memset
rand
_snprintf
strlen
sprintf
strncat
toupper
__setusermatherr

kernel32

LocalAlloc
CreateMutexA
GetStartupInfoA
CopyFileA
GetWindowsDirectoryA
GetFileTime
SetFileTime
GetFileAttributesA
ReleaseMutex
ExpandEnvironmentStringsA
GetCurrentThread
GetCurrentProcess
TerminateProcess
OpenProcess
SetFileAttributesA
DeleteFileA
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetLocaleInfoA
CreateFileA
WriteFile
CreateProcessA
WaitForSingleObject
GetVersionExA
GetTempPathA
ExitProcess
TerminateThread
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
ExitThread
GetModuleFileNameA
CreateThread
Sleep
lstrcmpiA
GetTickCount
LocalFree

Sections

iA#5@%^$
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iA#5@%^$
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iA#5@%^$
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iA#5@%^$
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4583a93219c035622cbb4ab57cf0a7c3

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

Sections

iA#5@%^$ Size: 44KB - Virtual size: 44KB

iA#5@%^$ Size: 4KB - Virtual size: 4KB

iA#5@%^$ Size: 356KB - Virtual size: 356KB

iA#5@%^$ Size: 52KB - Virtual size: 52KB

.avc Size: 4KB - Virtual size: 4KB

iA#5@%^$
Size: 44KB - Virtual size: 44KB

iA#5@%^$
Size: 4KB - Virtual size: 4KB

iA#5@%^$
Size: 356KB - Virtual size: 356KB

iA#5@%^$
Size: 52KB - Virtual size: 52KB

.avc
Size: 4KB - Virtual size: 4KB