6ff415d690da4ec5fbf1e6168b68389c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6ff415d690da4ec5fbf1e6168b68389c_JaffaCakes118
Size

204KB
MD5

6ff415d690da4ec5fbf1e6168b68389c
SHA1

89508dec4e1f0444e78be5ed480b9e62a4417921
SHA256

87895fee62d001fe4b5ed4d60f16ce3591c4726a4317208d15896bdce601b042
SHA512

e41a7d49a9c5d75855df69c4b4991d7a2e7b7e382ed52f0becc08310610d6be9fa686e7ac8886e4ccfc11ed66477020dd2c38b0383afd5b5f997d7f2463954f0
SSDEEP

3072:jq1EPtea37oqZF5xQ5yMtTZp86j0BD2WGpv2TtTBo65u+WsuHcXISxy0kcHUvPI4:j1b7jzMPp86j0BD2WJZTBHJTXIey0+z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ff415d690da4ec5fbf1e6168b68389c_JaffaCakes118

Files

6ff415d690da4ec5fbf1e6168b68389c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e2493d45a5f70f7671bbfaac1a354344

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ScaleWindowExtEx
SetStretchBltMode
CreateEllipticRgn
SetTextAlign
SaveDC
CreateFontIndirectA
SetPaletteEntries
PtVisible
CopyMetaFileW
GetPaletteEntries
ExtSelectClipRgn
GetDeviceCaps
ExtTextOutW
CreateDCW
CreatePalette
CreateBrushIndirect

advapi32

SetServiceStatus
RegQueryValueW
RegOpenKeyExW
StartServiceW
RegisterServiceCtrlHandlerA
RegEnumKeyExW
LookupAccountSidW
RegDeleteKeyA
EqualSid
GetSecurityDescriptorControl
RegOpenKeyW
FreeSid
RegOpenKeyExA
RegCloseKey

msvcrt

_CxxThrowException
sprintf
_exit
exit
wcstok
_wcsicmp
_wgetenv
wcsncat
_wmakepath
_close
?terminate@@YAXXZ
_wcsnicmp
wcstol
_wmkdir
_fsopen
_write
_vsnwprintf
fputc
__p__fmode
_endthreadex
_wfullpath

version

VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

lstrcpyA
FindFirstFileW
WriteConsoleW
DuplicateHandle
RaiseException
SetCurrentDirectoryW
VirtualProtect
lstrcmpiA
LoadLibraryA
MoveFileExW
OpenEventW
UnhandledExceptionFilter
ExitProcess
GetSystemTime
HeapReAlloc
HeapFree
FreeLibrary
GetPrivateProfileStringA
GetModuleHandleW
TlsFree
VirtualAlloc

Sections

.text
Size: 153KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 17KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2493d45a5f70f7671bbfaac1a354344

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

advapi32

msvcrt

version

kernel32

Sections

.text Size: 153KB - Virtual size: 154KB

.data Size: 2KB - Virtual size: 2KB

.ndata Size: 17KB - Virtual size: 319KB

.rdata Size: 16KB - Virtual size: 153KB

.rsrc Size: 15KB - Virtual size: 16KB

.text
Size: 153KB - Virtual size: 154KB

.data
Size: 2KB - Virtual size: 2KB

.ndata
Size: 17KB - Virtual size: 319KB

.rdata
Size: 16KB - Virtual size: 153KB

.rsrc
Size: 15KB - Virtual size: 16KB