6fa4817e59e088b74de5837137fca310_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6fa4817e59e088b74de5837137fca310_JaffaCakes118
Size

792KB
MD5

6fa4817e59e088b74de5837137fca310
SHA1

74722b019e2ba6844d077853fc409482310f9529
SHA256

e4dade6f02ecb62e230f497132abf2e4a42c5cc306ab14c2312598dc09c0cf47
SHA512

ee6a935d4a356cf58f7f144fe611862f29ee9f04af1c1cc9466757c1da9b4d624ad84cb2eefe3c79801ffca94ae427aca733e87ed65d2bdb1489c233168e2100
SSDEEP

12288:bkCFAGa1jHrk55gZ6yWzVjhL6ILWa51yUphsvHs1tx7nSBb:4sA7j45KIyoVjXLR5gUgvM0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fa4817e59e088b74de5837137fca310_JaffaCakes118

Files

6fa4817e59e088b74de5837137fca310_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7eacfbf55dcb6fe13ac317ea486df4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\ptfrtegnao\umeebr

Imports

comctl32

ImageList_DrawIndirect
ImageList_Read
ImageList_ReplaceIcon
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetDragImage
DrawStatusTextA
ImageList_DragShowNolock

user32

CreateWindowExA
GetCapture
CharNextExA
CharNextA
GetWindowTextA
CreateIcon
UnregisterHotKey
ChangeMenuW
DefDlgProcW
CreateWindowStationA
GetMenuStringA
BeginDeferWindowPos
SetForegroundWindow
GetWindowPlacement
GetQueueStatus
SetWindowsHookA
IsWindowEnabled
ChangeDisplaySettingsA
SetClassLongA
DdeCmpStringHandles
RegisterClassExA
CreateAcceleratorTableA
DdeAbandonTransaction
CharNextW
RegisterClassExW
RegisterClassA
LoadStringW
GetGuiResources

kernel32

GetLocalTime
GetStringTypeA
GetStringTypeW
GetStdHandle
GetCommandLineA
EnumDateFormatsW
ReadFile
RtlUnwind
GetCurrentThreadId
InterlockedIncrement
DeleteCriticalSection
SetStdHandle
OpenWaitableTimerW
UnhandledExceptionFilter
TlsGetValue
FreeEnvironmentStringsA
LCMapStringW
GetCurrentProcessId
CloseHandle
SetEnvironmentVariableA
WideCharToMultiByte
GetFileType
GetTimeZoneInformation
IsBadWritePtr
GetModuleFileNameA
ExitProcess
InterlockedCompareExchange
GetPrivateProfileIntW
LeaveCriticalSection
GetSystemTimeAsFileTime
lstrcmpiW
SetLastError
GetStartupInfoA
EnterCriticalSection
FreeEnvironmentStringsW
GetVersion
ExitThread
WriteFile
GetCurrentProcess
GetStartupInfoW
SetConsoleTitleW
GetLongPathNameA
TlsAlloc
EnumResourceNamesA
HeapFree
GetModuleHandleA
GetCommandLineW
TlsSetValue
GetCurrentThread
GlobalFree
TlsFree
CompareStringW
GetSystemTime
GetEnvironmentStrings
SetFilePointer
HeapAlloc
lstrcpy
SetConsoleOutputCP
HeapReAlloc
SetHandleCount
DosDateTimeToFileTime
GetStringTypeExW
GetCPInfo
FindResourceExA
OpenMutexA
OutputDebugStringW
HeapDestroy
VirtualAlloc
InterlockedExchange
InitializeCriticalSection
GetThreadContext
HeapCreate
TerminateProcess
VirtualQuery
LoadLibraryA
FlushFileBuffers
InterlockedDecrement
LocalAlloc
MultiByteToWideChar
EnumDateFormatsA
LCMapStringA
VirtualProtect
CreateMutexA
CompareStringA
GetTickCount
GetEnvironmentStringsW
QueryPerformanceCounter
VirtualFree
LoadLibraryExA
CreateRemoteThread
GetProcAddress
GetLastError
SetCurrentDirectoryW
GetModuleFileNameW

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7eacfbf55dcb6fe13ac317ea486df4f

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 452KB - Virtual size: 450KB

.data Size: 132KB - Virtual size: 128KB

.rsrc Size: 132KB - Virtual size: 129KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 452KB - Virtual size: 450KB

.data
Size: 132KB - Virtual size: 128KB

.rsrc
Size: 132KB - Virtual size: 129KB