a6361b3f048d67f502ed57a7f576fbc7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a6361b3f048d67f502ed57a7f576fbc7_JaffaCakes118
Size

181KB
MD5

a6361b3f048d67f502ed57a7f576fbc7
SHA1

ec1752f5467bcc8836e6b97d12a4a84050e1c99f
SHA256

c3af49ffb123cb3f810d642d824ba2d00ddf822622b05ceb17d9cdc6c2ace99d
SHA512

88f9a0741db20ec2e9db072e72778229abefb2aa9cf67534e737722543d7447948d3d57861165b7c0aadb43147df87274a802f9ad2301a0a2f05f58215cde6de
SSDEEP

3072:gbH3Q4Ny479bHdKILIbpWCCS72CCmzkBi6B1PKXOOKrFtfdvUw1FezSW:gbHA4Ny4RbcILIbptCSim0LyXMXfd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6361b3f048d67f502ed57a7f576fbc7_JaffaCakes118

Files

a6361b3f048d67f502ed57a7f576fbc7_JaffaCakes118
.exe windows:1 windows x86 arch:x86

265952686c427d9b738f5d6d8c459be8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
LCMapStringA
WriteConsoleOutputAttribute
GetConsoleTitleA
GetBinaryTypeA
FlushFileBuffers
GetCommModemStatus
OpenWaitableTimerA
WriteConsoleOutputA
SleepEx
GetNumberFormatA
GetThreadContext
GetFullPathNameA
WritePrivateProfileStructA
GetSystemDirectoryA
OpenJobObjectA
GlobalFindAtomA
OpenMutexA
SetFileAttributesA
OpenEventA
GetUserDefaultLangID
WritePrivateProfileSectionA
GetConsoleCursorMode
RemoveDirectoryA
BuildCommDCBAndTimeoutsA
ReadConsoleOutputCharacterA
SetSystemTimeAdjustment
SetLocalTime
ReplaceFile
GetFileType
IsBadHugeReadPtr
GetVolumePathNameA
HeapDestroy
GetExitCodeProcess
GetModuleHandleA
SetFilePointer
GetTempPathA
CreateTimerQueue
ReadConsoleA
Toolhelp32ReadProcessMemory
CreateMutexA
UnlockFileEx
GetExitCodeThread
IsSystemResumeAutomatic
GetLastError
GetConsoleWindow
OpenFile
Heap32Next
LocalFileTimeToFileTime
EscapeCommFunction
WriteConsoleA
HeapFree
SetThreadExecutionState
GetProcessAffinityMask
FileTimeToLocalFileTime
MoveFileWithProgressA
DeleteTimerQueue
LocalHandle
GetVersion
DisconnectNamedPipe
VirtualAllocEx
GetCommMask
GetThreadPriority
ReadFileEx
GetModuleHandleA
GetProcessPriorityBoost
lstrcatA
WriteConsoleOutputCharacterW
FindResourceA
SetEvent
IsBadWritePtr
FindFirstVolumeMountPointW
FormatMessageA
DuplicateHandle
WaitForSingleObject
GetComputerNameExA
ResetEvent
SetEndOfFile
GetStringTypeExW
GetCurrentProcessId
SetFileShortNameA
GetEnvironmentVariableA
DeleteTimerQueueTimer
GetNamedPipeHandleStateA
GetThreadTimes
CreateWaitableTimerA
GetModuleHandleA
GetCurrentProcess
GetCurrentConsoleFont
TerminateProcess
PulseEvent
GetLogicalDrives
GetConsoleOutputCP
GetCommMask
GetStringTypeExA
GetUserGeoID
CancelWaitableTimer
GetDiskFreeSpaceA
GetComputerNameA
GetThreadPriorityBoost
FindNextVolumeA
VirtualQuery
SetTapePosition
ReadConsoleA
LocalSize
LocalAlloc
Heap32Next
ClearCommBreak
GlobalReAlloc
GetFileAttributesExA
GetShortPathNameA
GlobalFlags
GetDriveTypeA
GetPrivateProfileSectionNamesA
GetStdHandle
GetCurrencyFormatA
GetThreadSelectorEntry
IsBadStringPtrA
GlobalHandle
SetConsoleTextAttribute
GetConsoleCursorInfo
HeapQueryInformation
Heap32ListFirst
ExitProcess
CreateNamedPipeA
GetVolumePathNamesForVolumeNameA
GetCPInfoExA
GetExitCodeProcess
IsBadReadPtr
GetDiskFreeSpaceExA
lstrcmpiA
MapViewOfFileEx
FindFirstVolumeA
OpenEventA
FindNextFileA
GetDllDirectoryA
GetConsoleCursorInfo
GetVersionExA
MulDiv
HeapUnlock

user32

EnumDisplayDevicesA
GetNextDlgGroupItem
UnregisterClassA
GetDoubleClickTime
CallWindowProcA
CallWindowProcA
UnhookWindowsHookEx
SetClassLongA
MessageBeep
InvalidateRgn
GetClipboardSequenceNumber
CopyAcceleratorTableA
SetCapture
GetClassLongA
GetDialogBaseUnits
GetClipboardFormatNameA
LoadIconA
ShowOwnedPopups
ChangeMenuA
CheckDlgButton
CliImmSetHotKey
AppendMenuA
SendIMEMessageExA
GetNextDlgGroupItem
GetWindowThreadProcessId
BroadcastSystemMessageExW
UnregisterMessagePumpHook
LoadAcceleratorsA
RegisterRawInputDevices
SetMenu
CreateDialogIndirectParamA
GetWindowDC
GetTabbedTextExtentA
CallNextHookEx
GetGUIThreadInfo
CharPrevExA
ChangeDisplaySettingsExA
GetCursorPos
GetAltTabInfoA
IntersectRect
ShowWindow
MenuWindowProcA
GetDlgItem
MonitorFromPoint
GetCursorFrameInfo
EnumDesktopsA
CharPrevExA
IsIconic
InSendMessage
SendMessageTimeoutA
InternalGetWindowText
DragObject
SetDoubleClickTime
AnyPopup
IsRectEmpty
GetInternalWindowPos
SetPropA
GetRawInputDeviceList
RegisterClipboardFormatA
IsDialogMessageA
SendMessageTimeoutA
GetIconInfo
TabbedTextOutA
IsWindowEnabled
GetMenuBarInfo
LoadMenuIndirectA
TranslateAcceleratorA

advapi32

AddAccessDeniedObjectAce

Sections

.text
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

265952686c427d9b738f5d6d8c459be8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 48KB - Virtual size: 52KB

.idata Size: 98KB - Virtual size: 100KB

.rsrc Size: 33KB - Virtual size: 36KB

.text
Size: 48KB - Virtual size: 52KB

.idata
Size: 98KB - Virtual size: 100KB

.rsrc
Size: 33KB - Virtual size: 36KB