6fed0abf9b7f6c1ba7b5aa466005f74a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6fed0abf9b7f6c1ba7b5aa466005f74a_JaffaCakes118
Size

218KB
MD5

6fed0abf9b7f6c1ba7b5aa466005f74a
SHA1

3a69af732220b3a11128f3ea2680f6b5d9110fd0
SHA256

7ce0d0f1d70d0806a4014cc9a2eef40976a8c59ccb799d07dc9b3f6c90dc0935
SHA512

552cfe6eae37fe07d04380ddb0b5720505da60c1625e9b26f427c85313d306cdf00eb00ebfca3746da7b57fb842d50e855b208b0f14626eb729462e3e740ece5
SSDEEP

6144:pRJp1pxK24OJOqBgN49l3g9/ddkigOTO:zRpxK24fgScDO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fed0abf9b7f6c1ba7b5aa466005f74a_JaffaCakes118

Files

6fed0abf9b7f6c1ba7b5aa466005f74a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c56a8a95096a4c3d66a4c9e0e23f6cd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FreeLibrary
GlobalAlloc
VirtualFree
GetCurrentProcessId
FreeResource
VirtualAllocEx
GetVersionExA
GetFileAttributesA
LoadLibraryExA
GetACP
GetCurrentThread
GlobalFindAtomA
GetProcessHeap
GetLocalTime
lstrlenA
GetFileType
lstrlenW
FormatMessageA
DeleteCriticalSection
GetModuleHandleA
GetDateFormatA
GetFullPathNameA
CreateEventA
LocalReAlloc
GetProcAddress
lstrcpynA
GlobalAddAtomA
FindResourceA
GetCommandLineA
EnumCalendarInfoA
lstrcatA
GetEnvironmentStrings
GetOEMCP
VirtualAlloc
LoadResource
LocalFree
GetStartupInfoA
HeapAlloc
GetSystemDefaultLangID
GetThreadLocale
GetModuleFileNameA
SetEvent
GetCurrentThreadId
CreateThread
MoveFileA
GetVersion
WriteFile
CloseHandle
CompareStringA
Sleep
FindFirstFileA
ExitThread
HeapFree
MoveFileExA
lstrcmpiA
CreateFileA
GetUserDefaultLCID
SetErrorMode
SetEndOfFile
GetStringTypeA
MulDiv
lstrcmpA
InitializeCriticalSection
SetHandleCount
FindClose
VirtualQuery
LocalAlloc
ReadFile
GetStdHandle
GlobalDeleteAtom
RaiseException
GetDiskFreeSpaceA
HeapDestroy

advapi32

RegLoadKeyA
RegCreateKeyA

user32

GetClipboardData
GetIconInfo
EnableMenuItem
DrawEdge
GetDC
GetSysColorBrush
GetScrollRange
GetPropA
CallNextHookEx
ShowWindow
GetDesktopWindow
GetMenuItemCount
GetKeyState
DrawTextA
IsWindowEnabled
GetFocus
FrameRect
EnumChildWindows
GetMenu
SystemParametersInfoA
EnableWindow
SetWindowPos
CheckMenuItem
CharLowerBuffA
FillRect
BeginDeferWindowPos
GetCursorPos
TrackPopupMenu
SetTimer
SetWindowLongA
GetKeyNameTextA
GetDlgItem
GetParent
CreateIcon
BeginPaint
GetClassLongA
DeferWindowPos
GetLastActivePopup
DispatchMessageA
RegisterClassA
ShowScrollBar
GetSysColor
DrawFrameControl
CreatePopupMenu
GetWindowTextA
CharToOemA
DispatchMessageW
DefWindowProcA
DrawIconEx
SetWindowTextA
EndDeferWindowPos
GetForegroundWindow
EndPaint
DefFrameProcA
CreateWindowExA
EnumWindows
ClientToScreen
MessageBoxA
GetMessagePos
IsDialogMessageA
GetCursor
DrawIcon
CreateMenu
CharLowerA
GetMenuStringA
DrawMenuBar
GetScrollInfo
EnableScrollBar
GetSubMenu
GetMenuItemID
GetClassInfoA
EnumThreadWindows
EqualRect
GetActiveWindow
GetScrollPos

Sections

DATA
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c56a8a95096a4c3d66a4c9e0e23f6cd9

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

DATA Size: 59KB - Virtual size: 60KB

.rdata Size: 48KB - Virtual size: 48KB

.edata Size: 55KB - Virtual size: 56KB

.init Size: 37KB - Virtual size: 40KB

CODE Size: 2KB - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

INIT Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

DATA
Size: 59KB - Virtual size: 60KB

.rdata
Size: 48KB - Virtual size: 48KB

.edata
Size: 55KB - Virtual size: 56KB

.init
Size: 37KB - Virtual size: 40KB

CODE
Size: 2KB - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

INIT
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB