6fe5642f82a4ac5a919d2e0dda7125b0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6fe5642f82a4ac5a919d2e0dda7125b0_JaffaCakes118
Size

596KB
MD5

6fe5642f82a4ac5a919d2e0dda7125b0
SHA1

007d66f39c96e911342d5391d3a44506e2555f08
SHA256

92a78f0f2abc5dabf2ab1f7d3fd8542251ba2758304649ad2f8a5dd42373805e
SHA512

a60a0070966ffb471ee17cb8b093590c458db5235f2bfbe3c92f4b252b72e365b11cd5e97446ac1851cf87dc8dcc97357a1b52004557e0fa7e567e4859f98619
SSDEEP

12288:N4lIzARsIbe1f9suh1ZGAabnjSQyhSaaB:mCysueJ9sAknjs8B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fe5642f82a4ac5a919d2e0dda7125b0_JaffaCakes118

Files

6fe5642f82a4ac5a919d2e0dda7125b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c88f59b5917257c7fbdf73971e65fb51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\hzbxc.pdb

Imports

user32

ShowWindow
GetWindow
GetScrollPos
SetProcessDefaultLayout
DefMDIChildProcW
GetKeyboardType
GetDC
DialogBoxParamA
InsertMenuItemA
ChangeMenuW
GetGUIThreadInfo
CloseWindow
AdjustWindowRectEx
ChangeClipboardChain
ShowWindowAsync
MessageBoxW
GetListBoxInfo
DrawTextA
GetMessageA
CreateWindowExW
PtInRect
GetWindowWord
ChangeDisplaySettingsExW
RealChildWindowFromPoint
EnableWindow
DdePostAdvise
LoadCursorW
EnableMenuItem
DestroyWindow
DlgDirSelectComboBoxExA
SetCursorPos
GetWindowTextLengthA
GetClipboardFormatNameA
IsCharAlphaW
ChangeDisplaySettingsExA
SetWinEventHook
EnumDesktopsW
CreateDialogIndirectParamA
WINNLSGetEnableStatus
DdeQueryStringA
InSendMessageEx
GetMenu
SetDebugErrorLevel
IsDialogMessage
DefWindowProcA
InvalidateRgn
ShowOwnedPopups
ChangeDisplaySettingsW
EnumDisplayDevicesW
EnumDesktopWindows
EnumDisplaySettingsA
CloseClipboard
FindWindowExW
FreeDDElParam
SendMessageTimeoutA
RegisterClassExA
EnumPropsW
SetSystemCursor
CreateDialogParamW
OpenDesktopA
SendDlgItemMessageA
RemoveMenu
DdeCreateStringHandleA
SetFocus
CharUpperA
OemToCharBuffW
FillRect
AdjustWindowRect
IsCharAlphaNumericA
CopyAcceleratorTableW
RegisterClassA
IsDialogMessageW
GetSystemMetrics

kernel32

GetConsoleMode
SetEnvironmentVariableW
GetExitCodeProcess
SetUnhandledExceptionFilter
RtlUnwind
FindResourceW
VirtualFree
TlsFree
LockFileEx
MoveFileExW
SetHandleCount
FreeLibrary
GetFileType
CompareStringA
RemoveDirectoryW
GetSystemTimeAdjustment
OpenSemaphoreA
GetLastError
EnumCalendarInfoExA
TlsGetValue
EnumDateFormatsExA
GetEnvironmentStrings
EnterCriticalSection
ReadFile
HeapDestroy
GetCurrentProcessId
GetLocaleInfoA
GetACP
SetConsoleCursorPosition
IsDebuggerPresent
IsValidLocale
OpenMutexA
CreateMutexA
GetCPInfo
CompareStringW
TlsSetValue
UnhandledExceptionFilter
WriteProfileStringW
SetLastError
LoadLibraryA
GetLocaleInfoW
GetStartupInfoW
GetCurrentThreadId
FreeEnvironmentStringsA
LeaveCriticalSection
DebugBreak
InterlockedDecrement
lstrcmpi
OpenEventA
Sleep
DosDateTimeToFileTime
WriteFile
HeapSize
GetTimeFormatA
GetProcessHeap
GetNumberFormatW
CreateFileA
VirtualFreeEx
GetCurrentDirectoryA
GetStdHandle
IsValidCodePage
GetConsoleTitleW
GlobalDeleteAtom
lstrcmpiA
WriteProfileStringA
FreeEnvironmentStringsW
CloseHandle
GetUserDefaultLCID
VirtualQuery
GetVolumeInformationW
LCMapStringW
HeapAlloc
GetConsoleOutputCP
GetTickCount
DeleteCriticalSection
GetVersionExA
SetVolumeLabelA
SetComputerNameA
GetConsoleCP
ExitProcess
WriteProfileSectionA
GetModuleFileNameW
GetTempFileNameA
EnumSystemLocalesA
CreateMailslotW
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
SetStdHandle
SetConsoleTitleW
GetModuleFileNameA
lstrlenW
ReadConsoleOutputCharacterA
IsBadReadPtr
GetAtomNameA
GetExitCodeThread
HeapCreate
WaitNamedPipeA
GetTimeZoneInformation
InitializeCriticalSection
GetCurrentThread
SetConsoleMode
HeapFree
SetCriticalSectionSpinCount
GetStringTypeA
GetShortPathNameA
MapViewOfFile
LockFile
CreateThread
ReadConsoleOutputA
CreateEventW
SetEnvironmentVariableA
GetStringTypeW
GetCommandLineW
InterlockedIncrement
lstrcmp
InterlockedExchange
lstrcmpA
OutputDebugStringA
GetCompressedFileSizeA
TlsAlloc
WriteConsoleW
GetDiskFreeSpaceExW
QueryPerformanceCounter
GetStartupInfoA
WriteFileEx
FlushFileBuffers
RtlFillMemory
TerminateProcess
LoadResource
GlobalUnfix
SetFilePointer
GetDateFormatA
LCMapStringA
SetConsoleCtrlHandler
WritePrivateProfileStructA
SetConsoleCursorInfo
GetCommandLineA
GetOEMCP
GetPrivateProfileIntA
GetModuleHandleA
GetProfileStringW
WaitForSingleObject
GetComputerNameA
HeapReAlloc
OpenWaitableTimerA
ReleaseMutex
VirtualAlloc
GetEnvironmentStringsW
TransactNamedPipe
CreateProcessA
WriteConsoleA
FindNextFileA
GetSystemTimeAsFileTime
DeleteFileA

comctl32

DrawInsert
ImageList_ReplaceIcon
ImageList_Replace
ImageList_EndDrag
ImageList_GetIcon
ImageList_Destroy
CreateStatusWindowA
ImageList_BeginDrag
CreatePropertySheetPageW
InitCommonControlsEx
ImageList_AddMasked
CreateMappedBitmap
ImageList_DrawIndirect
CreateToolbar
CreateToolbarEx
DrawStatusTextW
ImageList_Merge
DrawStatusTextA
ImageList_LoadImageA
InitMUILanguage
MakeDragList
ImageList_GetFlags
CreateUpDownControl
ImageList_GetImageRect

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c88f59b5917257c7fbdf73971e65fb51

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 116KB - Virtual size: 121KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 116KB - Virtual size: 121KB

.rsrc
Size: 48KB - Virtual size: 45KB