6fc87e987a163993c8a9e39ecec9e353_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6fc87e987a163993c8a9e39ecec9e353_JaffaCakes118
Size

451KB
MD5

6fc87e987a163993c8a9e39ecec9e353
SHA1

2f0263673b08334f982662921d61785ef4e10d1b
SHA256

302385151196fc77d2a73f1ededd228d03511cce863acaa9450654164854eee2
SHA512

0ffce95c9d279a6d9a53ee077f8964078f3b25bef0764a0eabb82ccd88dc7a1258ea98840fad54b49c7845c3f8873510e333b469f475d5aa4af6fa53d3ba6dff
SSDEEP

12288:t7DFMcPUxdB7G1noZb8QlZ9UmI9RZwr+4iYY:bPgG1noZbBZ9pI9RZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fc87e987a163993c8a9e39ecec9e353_JaffaCakes118

Files

6fc87e987a163993c8a9e39ecec9e353_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e3e17c5e6d37e02c73c05e5b13eaee3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_Remove
ord6
InitCommonControlsEx
ImageList_SetBkColor
ImageList_Destroy
ImageList_Create
CreateToolbarEx
ImageList_ReplaceIcon

kernel32

MapViewOfFileEx
GlobalReAlloc
lstrcpyA
Sleep
MapViewOfFile
CreateFileMappingA
GetFileSize
DeviceIoControl
CreateFileA
UnmapViewOfFile
IsBadStringPtrA
IsBadReadPtr
SetEndOfFile
SetFilePointer
CreateThread
TerminateThread
ExitThread
lstrcatA
VirtualProtectEx
GlobalUnlock
SetCurrentDirectoryA
DeleteFileA
FlushViewOfFile
OpenProcess
GetCurrentProcess
SetPriorityClass
GetCurrentDirectoryA
WriteProcessMemory
ReadProcessMemory
CopyFileA
GetModuleFileNameA
FindClose
FindFirstFileA
GetPrivateProfileSectionNamesA
FileTimeToSystemTime
GetFileTime
FindNextFileA
GetProcAddress
LoadLibraryA
FreeLibrary
VirtualQueryEx
WritePrivateProfileStructA
GetPrivateProfileStructA
WideCharToMultiByte
lstrlenW
lstrcmpA
CloseHandle
lstrcmpiA
CreateProcessA
GetPriorityClass
GetLastError
OutputDebugStringA
GlobalFree
GetTempPathA
GetTickCount
GetTempFileNameA
GetFileAttributesA
lstrcpynA
lstrlenA
GetVersion
ResumeThread
TerminateProcess
GlobalAlloc
GlobalLock
ExitProcess
SetFileAttributesA
WriteFile
GetLocalTime
GetACP
SetStdHandle
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetCPInfo
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
HeapSize
HeapReAlloc
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
GetOEMCP
ReadFile
FlushFileBuffers

user32

GetWindowTextA
InvalidateRect
SetCursor
GetSysColorBrush
DialogBoxParamA
DestroyCursor
EnumClipboardFormats
EndDialog
LoadCursorA
GetDlgItem
SetDlgItemTextA
EnableWindow
GetDlgItemTextA
SendMessageA
wsprintfA
MessageBoxA
GetActiveWindow
CheckDlgButton
SetWindowTextA
IsDlgButtonChecked
SetWindowLongA
CallWindowProcA
GetClassInfoA
CloseClipboard
GetWindowRect
GetMenu
GetSubMenu
RemoveMenu
SetDlgItemInt
ChildWindowFromPoint
GetWindowPlacement
CharLowerBuffA
KillTimer
DestroyIcon
DestroyWindow
GetClientRect
MoveWindow
EnableMenuItem
CheckMenuRadioItem
SetTimer
SetWindowPlacement
InsertMenuItemA
DefDlgProcA
RegisterClassA
CheckRadioButton
GetCursorPos
GetClipboardData
CreatePopupMenu
AppendMenuA
SetWindowPos
FindWindowA
IsWindow
GetSystemMetrics
LoadIconA
SendDlgItemMessageA
PostMessageA
EmptyClipboard
SetClipboardData
SetFocus
OpenClipboard
DestroyMenu
TrackPopupMenu

gdi32

SelectObject
SetBkMode
DeleteObject
CreateFontIndirectA
GetObjectA
GetStockObject
SetTextColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

OpenProcessToken
LookupPrivilegeValueA
RegOpenKeyExA
RegCloseKey
RegCreateKeyA
RegSetValueA
AdjustTokenPrivileges
RegDeleteKeyA

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
ShellExecuteA
SHBrowseForFolderA
DragAcceptFiles
SHGetPathFromIDListA

imagehlp

ImageRvaToVa
ImageNtHeader
ImageRvaToSection
CheckSumMappedFile
BindImageEx

procs32

IsProcessRunning
GetModuleHandleEx
GetModuleFirst
GetModuleNext
GetProcessBaseSize
GetProcessNext
GetProcessPath
GetNumberOfProcesses
GetNumberOfModules
GetProcessFirst

ndump

DumpProcess

rebpe32

DumpFixer64
DumpFix
GetRealNumberOfSections64
ReBasePEImage
GetRealNumberOfSections
DumpFixer32
ValidatePE
RebuildPE
ResizeFile
WipeReloc

uupdatesystem

ShowUpdateDialog

Sections

.text
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e3e17c5e6d37e02c73c05e5b13eaee3

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

imagehlp

procs32

ndump

rebpe32

uupdatesystem

Sections

.text Size: 339KB - Virtual size: 339KB

.rsrc Size: 111KB - Virtual size: 110KB

.text
Size: 339KB - Virtual size: 339KB

.rsrc
Size: 111KB - Virtual size: 110KB