0069badeb6d6419b79dcd170def9cf43_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0069badeb6d6419b79dcd170def9cf43_JaffaCakes118
Size

393KB
MD5

0069badeb6d6419b79dcd170def9cf43
SHA1

d4b309d016ece3a2169dcb5a302992a99a40aff7
SHA256

31301e4353110752a224d936390ad3ccd59c399c0290800ef150cf8e989c4888
SHA512

eb63ed4f7b051f2e8d03cb49afb1a47d9db1c768c69600feb084f58aa9a0fc5338b16cb8d200e40cb1411e42279f21fc7374dd581aa4c8a21519fe755ad0abf5
SSDEEP

6144:aqCVNhOwhslLoE55alrWivFNH75+RaITWyNQrS97Jo5nSmqt:MVNhOwhu0E4BvFNH1+RNjNQqSRTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0069badeb6d6419b79dcd170def9cf43_JaffaCakes118

Files

0069badeb6d6419b79dcd170def9cf43_JaffaCakes118
.exe windows:5 windows x86 arch:x86

63b4541da5abc4c0c1bc7d0a4f0a1ee6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
HeapReAlloc
VirtualAlloc
HeapSize
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
MultiByteToWideChar
GetStringTypeA
ReadFile
EnumSystemLocalesA
GetCurrentProcess
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetCPInfo
LoadLibraryW
ExitProcess
Sleep
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetModuleHandleA
FreeConsole
GlobalAlloc
GlobalFree
GetCurrentProcessId
GetConsoleWindow
CreateEventA
WaitForSingleObject
OpenFileMappingA
MapViewOfFile
LoadLibraryA
GetProcAddress
FindResourceA
LoadResource
FreeResource
GetStdHandle
CreateFileA
GetCommState
SetupComm
PurgeComm
GetStringTypeW
GetCurrentThread
CloseHandle
InterlockedDecrement
InterlockedIncrement
CreateFileW
RaiseException
RtlUnwind
GetModuleFileNameW
GetFileType
WriteConsoleW
SetLastError
HeapAlloc
GetFileSizeEx
SetFilePointerEx
GetLocaleInfoA
WriteFile
GetLastError
IsValidLocale

user32

ShowWindow
SetFocus
SetWindowTextW
wsprintfW
CreateMenu
CreatePopupMenu
TrackPopupMenu
DefFrameProcA
SetCapture
CreateWindowExW
PostQuitMessage
GetWindow
DrawMenuBar
IsClipboardFormatAvailable
SetMenuItemInfoA
IsWindow
GetSystemMetrics
DestroyMenu
GetDesktopWindow
GetDC
LoadIconA
LoadCursorA
CreateWindowExA
LoadMenuA
SetMenu
GetMessageA
DispatchMessageA
GetCursorPos
FindWindowA
TrackPopupMenuEx
GetMenu
MenuItemFromPoint
GetMenuItemID
SendMessageW
GetSubMenu
GetMenuItemRect
ScreenToClient
OffsetRect
IsDlgButtonChecked
GetIconInfo
GetFocus
DrawFocusRect
LoadBitmapW
SendMessageA
GetClientRect
InvalidateRect
CreateDialogParamA
SetDlgItemTextA
GetWindowTextLengthA
GetWindowDC
GetWindowRect
IntersectRect
GetAsyncKeyState
GetWindowTextA
CheckMenuItem
LookupIconIdFromDirectory
BeginPaint
ValidateRect
EndPaint
DefWindowProcA
SystemParametersInfoA
wsprintfA
GetWindowLongA

gdi32

SetMapMode
GetEnhMetaFileA
GetWinMetaFileBits
SetMetaFileBitsEx
PlayMetaFile
CopyMetaFileA
DeleteMetaFile
DeleteEnhMetaFile
DeleteDC
GetStockObject
CreatePen
SetViewportOrgEx
CreateDIBSection
DeleteObject
CreateFontIndirectA
CreateSolidBrush
GetObjectA
SetWindowExtEx
SetViewportExtEx
LineTo
MoveToEx
SelectObject
CreateCompatibleDC

advapi32

OpenProcessToken
OpenThreadToken
PrivilegeCheck

shell32

SHGetFileInfoA

ole32

OleInitialize
CoCreateInstance
OleUninitialize
GetRunningObjectTable
CreateItemMoniker

oleaut32

OleSavePictureFile
SysFreeString
SysAllocString
VariantInit
RevokeActiveObject

odbc32

ord41
ord65
ord66

netapi32

NetUserEnum
NetApiBufferFree

psapi

EnumPageFilesA

msi

ord73

avifil32

AVIFileRelease

winmm

sndPlaySoundA

shlwapi

UrlGetPartW

comctl32

CreateToolbarEx
ImageList_AddMasked
ImageList_Create
ord413
InitCommonControlsEx

wintrust

OpenPersonalTrustDBDialog
CryptCATStoreFromHandle
CryptCATPutMemberInfo

xmllite

CreateXmlReader

setupapi

SetupDiClassGuidsFromNameA

uxtheme

CloseThemeData
OpenThemeData

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63b4541da5abc4c0c1bc7d0a4f0a1ee6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

odbc32

netapi32

psapi

msi

avifil32

winmm

shlwapi

comctl32

wintrust

xmllite

setupapi

uxtheme

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 13KB - Virtual size: 20KB

.rsrc Size: 212KB - Virtual size: 211KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 13KB - Virtual size: 20KB

.rsrc
Size: 212KB - Virtual size: 211KB