a6dded9cc7a14bb95907caed6e2350c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a6dded9cc7a14bb95907caed6e2350c6_JaffaCakes118
Size

448KB
MD5

a6dded9cc7a14bb95907caed6e2350c6
SHA1

cc72f51878c30cfd1324caa19d1954a0e24a154f
SHA256

f0b7be13796addb2aa7f6654eb1f692118f791bac38db0878e65df5f722ed638
SHA512

48a86499e25ddc70194c5c27f9cc7173a476b2b07556e8de2750ef0dc023116d8ed4352471575dd38d9c2791484011a2e1a6736418a7e9f9360f4a6dd6a88bfb
SSDEEP

6144:9Rqma9gTGmwXekpKrTOzgOufb+cwOB/PPh5CpzhS+MavLyR8BabDKNiHIbIHe8aq:ymGIlbOEOGO2/Xq9pjy1bDKNLEHrI5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6dded9cc7a14bb95907caed6e2350c6_JaffaCakes118

Files

a6dded9cc7a14bb95907caed6e2350c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

815df6c83dcf3e5c23c714e9087af3fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateDialogParamA
ShowWindow
IsChild
SetWindowPlacement
MessageBoxA
CascadeWindows
GetWindowRect
SetDlgItemInt
IsWindowUnicode
SetSysColors
EnumWindows
IsZoomed
GetNextDlgGroupItem

ole32

OleRegEnumVerbs
PropStgNameToFmtId
CoLoadLibrary
OleRun
OleCreateFromDataEx
OleLockRunning
SetConvertStg
CoRegisterMessageFilter
FmtIdToPropStgName
CoRevokeClassObject
BindMoniker
OleCreateDefaultHandler
WriteFmtUserTypeStg

oleaut32

LHashValOfNameSysA
SafeArrayUnlock

advapi32

RegCreateKeyExA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegUnLoadKeyA
RegLoadKeyA
RegQueryInfoKeyA
RegFlushKey
RegQueryValueA
RegSetValueExA

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RaiseException
InterlockedIncrement
LoadLibraryA
HeapReAlloc
HeapAlloc
GetOEMCP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedDecrement
GetModuleHandleA
GetTimeFormatA
SetEvent
GlobalHandle
GetUserDefaultLangID
GetACP
IsBadReadPtr
WideCharToMultiByte
HeapCreate
GlobalLock
DeleteCriticalSection
GlobalFree
HeapFree
GetPrivateProfileSectionNamesA
GetProfileStringA
WriteProfileSectionA
WriteProfileStringA
VirtualAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
VirtualFree
RtlUnwind
WriteFile
GetProcAddress

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

815df6c83dcf3e5c23c714e9087af3fc

Headers

File Characteristics

Imports

user32

ole32

oleaut32

advapi32

kernel32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 137KB - Virtual size: 136KB

.data Size: 279KB - Virtual size: 363KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 137KB - Virtual size: 136KB

.data
Size: 279KB - Virtual size: 363KB

.rsrc
Size: 6KB - Virtual size: 5KB