6fbd151f75aaaba19415f5818951c381_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6fbd151f75aaaba19415f5818951c381_JaffaCakes118
Size

7.4MB
MD5

6fbd151f75aaaba19415f5818951c381
SHA1

2028a7a82efd54f6199d5249e0988b31391fadb6
SHA256

949d729331248e66fa817ae04a7bc17056e39ba77c9bc60a9df64846f3c32b01
SHA512

8698858c475a55e5e5b58d046c8ba8c36e5137d9c530d40897d779c8b2b52979cc38d41cc0823e6fa0c7c11dc27d74e356a347590b825e2dfb7851b9eff10110
SSDEEP

196608:40o+NCb/ld1Hf7CzVfwccQYcpKK4f2nwxU9GrTE:jCb/Z/7RQYcpm+wsV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fbd151f75aaaba19415f5818951c381_JaffaCakes118

Files

6fbd151f75aaaba19415f5818951c381_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8dca23704be3e4a697406ea99c75fb53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
_llseek
PeekNamedPipe
PrepareTape
GetSystemInfo
CreateMutexA
GetDriveTypeW
SetNamedPipeHandleState
VirtualQuery
RaiseException
DebugBreak
SetupComm
GetCommConfig
SetFileTime
GetTempFileNameA
FindFirstFileA
GlobalFindAtomW
SetStdHandle
SetErrorMode
ReadFile
CopyFileExW
CompareStringW
FindCloseChangeNotification
GetCommandLineW
GetPrivateProfileSectionW
EnumResourceNamesA
DeleteCriticalSection
SearchPathW
SetEnvironmentVariableA
SetThreadLocale
ReadConsoleA
GenerateConsoleCtrlEvent
_lread
WritePrivateProfileStringW
VirtualLock
_lopen
CreateEventA
GetCompressedFileSizeW
SetSystemTime
GetVolumeInformationW
SetProcessShutdownParameters
VirtualAllocEx
EnumTimeFormatsW
GetThreadContext
SetEvent
VirtualQueryEx
GetTapeStatus
WaitNamedPipeA
ReadConsoleOutputA
VirtualProtect
GetTempPathW
GetTimeZoneInformation
WritePrivateProfileStringA
CreateFileW
IsProcessorFeaturePresent
EnumCalendarInfoA
ExitThread
GetSystemTime
GetProfileStringA
LocalFileTimeToFileTime
FillConsoleOutputCharacterA
SetHandleCount
WriteFile
MoveFileExA
AreFileApisANSI
EndUpdateResourceA
GetDriveTypeA
WriteConsoleOutputW
GlobalFree
FindResourceExA
CreateWaitableTimerA
WritePrivateProfileSectionW
ExitProcess
GetUserDefaultLCID
lstrcmpiA
ReleaseMutex
GetAtomNameA
GlobalGetAtomNameW
FindFirstFileExW
SetConsoleActiveScreenBuffer
SetEnvironmentVariableW
SetCommMask
EnumSystemCodePagesW
SizeofResource

user32

SetWindowRgn
GetSubMenu
GetCursor
GetMenuStringA
GetKeyboardType
GetClassInfoExA
FlashWindow
RegisterClassA
DestroyIcon
WinHelpA
SendDlgItemMessageW
CheckRadioButton
AdjustWindowRectEx
InvalidateRgn
GetScrollPos
TileWindows
GetWindowThreadProcessId
MenuItemFromPoint
ToUnicodeEx

gdi32

SetColorAdjustment
CreateEnhMetaFileW
GetViewportOrgEx
GetROP2
GetDIBits
PaintRgn
StretchBlt
SetViewportOrgEx
CreatePolygonRgn
PolyBezierTo
SetGraphicsMode
CreateFontW
Rectangle
FillPath
GetTextCharset

advapi32

CryptSetKeyParam
RegCloseKey
SetPrivateObjectSecurity
CryptHashData
DuplicateTokenEx
GetCurrentHwProfileW
AddAccessAllowedAce
GetExplicitEntriesFromAclW
GetServiceDisplayNameA
CryptDeriveKey
ChangeServiceConfigA
QueryServiceLockStatusW
CreateServiceW
RegRestoreKeyA
IsValidSid
RegEnumValueW
ObjectDeleteAuditAlarmW
GetTokenInformation
CryptAcquireContextW
RegSetValueExW
RegFlushKey
GetSidLengthRequired

shell32

DragQueryPoint
FindExecutableA
SHGetSpecialFolderPathW
ExtractIconA
Shell_NotifyIconW
SHFileOperationW
SHLoadInProc
FindExecutableW
DragAcceptFiles
SHFileOperationA

ole32

CoRegisterClassObject

oleaut32

SafeArrayPutElement
LoadTypeLibEx
SafeArrayCreate
QueryPathOfRegTypeLi
SafeArrayRedim
LoadTypeLi
SafeArrayGetLBound
SysAllocStringLen
VariantCopy
SysStringLen

comctl32

ImageList_SetIconSize

shlwapi

StrCmpNIW
StrDupA
PathRelativePathToW
StrStrA
PathGetArgsW
PathCompactPathExW
SHAutoComplete
PathQuoteSpacesA
PathIsUNCA
PathAddBackslashA
StrDupW
PathGetCharTypeW
PathUnquoteSpacesA
HashData
AssocQueryKeyW
StrCatBuffW
PathIsRootA
PathIsFileSpecA
UrlCanonicalizeW
PathGetDriveNumberA
PathRelativePathToA
SHRegGetUSValueW

msvcrt

strtok
_mkdir
wcsncpy
isleadbyte
_tempnam
towupper
_tzset
_write
iswdigit
_umask
_spawnv
memchr
_wcsnicmp
_wcsicmp
_mbsupr
fputws
longjmp
_wcsnset
wcsftime
swprintf
iswcntrl
fgetws
_mbschr
_errno
sscanf
bsearch
_mbsstr
isdigit
clearerr
atoi
strftime
_lseeki64
iswprint
_mbsinc

Sections

.text
Size: 8KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dca23704be3e4a697406ea99c75fb53

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 8KB - Virtual size: 7.3MB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 7.3MB - Virtual size: 7.3MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 8KB - Virtual size: 7.3MB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 7.3MB - Virtual size: 7.3MB

.rsrc
Size: 68KB - Virtual size: 66KB