6f669bdada7642135a12beb7b2ceb476_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6f669bdada7642135a12beb7b2ceb476_JaffaCakes118
Size

180KB
MD5

6f669bdada7642135a12beb7b2ceb476
SHA1

b32ede7ab1fe734381cff6e4212d96b06d5bb49a
SHA256

fefef5714fc75a0dd11fae57d43374cf62b19caf4c881857dbfa91c0cf62ca12
SHA512

2d7f9cb526a5d017c23e0220d27972aa43f57285001dd2b90aec55ec2bfb55c5ff968b350bc4b63ff98e199c8a6088b9eace98ff83b4a2b3fb1771fe59404e0f
SSDEEP

3072:BFqfgvXMm1S1YXUraf+yefU4RdXOm1QWvBBIkvxuFTadAaYg8y53M:k4XI1YXUxPtRvfBZvxupah803M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f669bdada7642135a12beb7b2ceb476_JaffaCakes118

Files

6f669bdada7642135a12beb7b2ceb476_JaffaCakes118
.exe windows:4 windows x86 arch:x86

374be92e2060bebe9e0272bed36815c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetTime
timeBeginPeriod
timeGetDevCaps
timeEndPeriod

kernel32

WideCharToMultiByte
LockResource
GlobalAlloc
HeapFree
GetTapeParameters
GetModuleFileNameA
IsBadReadPtr
LeaveCriticalSection
ReleaseMutex
MultiByteToWideChar
CreateSemaphoreA
GetThreadPriority
ClearCommError
GetProcessHeap
CreateEventA
GetCurrentProcessId
CreateFileW
DeleteCriticalSection
VirtualAlloc
LocalFree
ResumeThread
lstrlenA
EnterCriticalSection
CloseHandle
GetSystemTime
LoadResource
QueryPerformanceCounter
GetExitCodeThread
InterlockedDecrement
VirtualFree
LoadLibraryA
IsBadWritePtr
SetThreadPriority
EnumResourceNamesA
GetSystemInfo
SetEvent
InitializeCriticalSection
ResetEvent
GetVersionExA
GetCurrentThread
GetModuleFileNameW
FindResourceA
GetCurrentThreadId
DisableThreadLibraryCalls
CreateThread
TerminateThread
LoadLibraryW
ReleaseSemaphore
FatalExit
FreeLibrary
WaitForSingleObject
GetLastError
WaitForMultipleObjects
GetACP
InterlockedIncrement
GetTickCount
Sleep
GetSystemTimeAsFileTime
CreateMutexA
GetProcAddress
ExitProcess

advapi32

RegQueryValueExA
RegDeleteKeyA
RegSetValueA
RegCreateKeyA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA

user32

RegisterClassA
CopyRect
MsgWaitForMultipleObjects
LoadStringA
GetQueueStatus
DispatchMessageA
RegisterWindowMessageA
wsprintfA
PostThreadMessageA
GetMessageA
CreateWindowExA
MonitorFromWindow
wvsprintfA
PeekMessageA
DestroyWindow

ole32

StringFromGUID2
CoInitialize
CoInitializeEx
StringFromCLSID
CreateItemMoniker
CoRevokeClassObject
CreateStreamOnHGlobal
CoCreateInstance
GetRunningObjectTable
CoUninitialize
CoFreeUnusedLibraries
CLSIDFromString
CoTaskMemFree
CoRegisterClassObject
CoTaskMemAlloc

shell32

SHGetSpecialFolderPathA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

374be92e2060bebe9e0272bed36815c4

Headers

File Characteristics

Imports

winmm

kernel32

advapi32

user32

ole32

shell32

oleacc

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 45KB - Virtual size: 45KB

.lib Size: 512B - Virtual size: 232KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 45KB - Virtual size: 45KB

.lib
Size: 512B - Virtual size: 232KB