b51cf12cb5068fc9bd905316e7605e60_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b51cf12cb5068fc9bd905316e7605e60_JaffaCakes118
Size

348KB
MD5

b51cf12cb5068fc9bd905316e7605e60
SHA1

74b7763f12426ae01c2965e2f332661b1dffaabf
SHA256

a662f691fad141de5cc2261f6d428653ea449c9f8a8208278f180254a1cacb94
SHA512

9f310e641c9d48f5f12c17d97aae8daf7d8ab9b42663a463d884d3021d38ce08352c88fa05f801716eac8d4d600df7e4782b6d345910400769207ac64cae6618
SSDEEP

6144:V27ETlIT3CGJQTmGd25fkEGwRSP3NsW17aDyhnGCSEVfk/yJA:eeWyby1kEGwRWdsWkDyhBSEtk/y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b51cf12cb5068fc9bd905316e7605e60_JaffaCakes118

Files

b51cf12cb5068fc9bd905316e7605e60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1b65a9a8020bc40b5119b1bf7010702

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForDebugEvent
WriteFileEx
SetFileAttributesA
GetCommandLineA
LZOpenFileA
GetFileAttributesExA
GetCurrencyFormatA
SetHandleInformation
GetExitCodeProcess
LocalFileTimeToFileTime
IsBadStringPtrA
OpenWaitableTimerA
VirtualAllocEx
EndUpdateResourceA
LoadLibraryExW
GetSystemTime
DisconnectNamedPipe
CloseHandle
GetComputerNameA
SetProcessWorkingSetSize
ReadConsoleOutputCharacterA
Module32First
GetEnvironmentStringsA
FindNextChangeNotification
VerifyVersionInfoA
GlobalFix
GetFileAttributesExA
AllocConsole
HeapFree
PrepareTape
PeekConsoleInputA
GetCurrentProcessId
SetSystemTime
ReplaceFileA
lstrcpy
SetConsoleLocalEUDC
AddConsoleAliasA
SetThreadLocale
ReadConsoleInputA
GetProcessTimes
GetVolumePathNameA
GetWindowsDirectoryA
FindFirstFileA
MapUserPhysicalPages
FlushViewOfFile
SetConsoleHardwareState
RemoveDirectoryA
GlobalMemoryStatusEx
VirtualLock
SetTimeZoneInformation
LoadLibraryExA
IsDebuggerPresent
GetSystemInfo
MoveFileExA
WaitForSingleObject
PurgeComm
GetSystemDirectoryA
GetFullPathNameA
GetFileTime
GetTempPathA
ReadConsoleA
GetDiskFreeSpaceA
GetVersionExA
SetLocaleInfoA
GetOEMCP
Process32First
GetCurrentDirectoryA
ReadConsoleA
GetEnvironmentVariableA
GetConsoleAliasA
ExpungeConsoleCommandHistoryA
OpenMutexA
ReleaseMutex
GetVersionExA
SetFileApisToANSI
GetTickCount
GetTimeFormatA
UnlockFileEx
SetUserGeoID
GetCommState
SetDefaultCommConfigA
WideCharToMultiByte
GetDllDirectoryA
SetEvent
UnlockFileEx
GetFileSizeEx
GetUserDefaultLCID
BuildCommDCBAndTimeoutsA
QueryDosDeviceA
FileTimeToDosDateTime
DeleteTimerQueue
WriteConsoleInputA
LocalHandle
ClearCommError
ReadConsoleOutputCharacterA
GlobalFindAtomA
GetCPInfoExA
IsBadHugeWritePtr
ReadConsoleA
SetCommBreak
IsBadCodePtr
IsValidCodePage
OpenEventA
GetCurrentDirectoryA
WriteConsoleInputA
WriteProfileSectionA
TransactNamedPipe
GetConsoleSelectionInfo
GetOEMCP
GetTickCount
QueryPerformanceCounter
CloseConsoleHandle
GetSystemTimes
UpdateResourceA
CancelWaitableTimer
GetVolumeNameForVolumeMountPointA
DeleteAtom
WriteConsoleA
LocalHandle
GetDllDirectoryA
FindAtomA
SetFilePointerEx
GetDiskFreeSpaceExA
_hread
LocalUnlock
ReadConsoleOutputCharacterA
GetLocaleInfoA
SetConsoleDisplayMode
GetPrivateProfileStringA
GetConsoleTitleA
GetDefaultCommConfigA
QueryDosDeviceA
CopyFileExW
LocalFlags
TransactNamedPipe
GetThreadLocale
ReleaseMutex
QueryPerformanceCounter
MulDiv
GetConsoleWindow
WriteConsoleOutputA
GetVersionExA
GetModuleFileNameA
ExitProcess
OpenJobObjectA
OpenProcess
WriteConsoleOutputA
lstrcat
LocalFlags
GetFileSizeEx
RaiseException
GetNumberFormatA
GetCurrentProcess
EnumTimeFormatsA
DisconnectNamedPipe
OpenThread
OpenThread
FindNextVolumeMountPointA
CreateEventA
ConnectNamedPipe
PulseEvent
ReleaseSemaphore
UnlockFile
WritePrivateProfileStringA
GetQueuedCompletionStatus
SetConsoleFont
IsSystemResumeAutomatic
ConnectNamedPipe
GetTempFileNameA
HeapUnlock
IsBadReadPtr
IsSystemResumeAutomatic
GetSystemTimes
GetProcessHandleCount
GetSystemDefaultLCID

user32

DefWindowProcA
UpdateWindow
PackDDElParam
SetMenu
DestroyMenu
ShowCaret
DrawIconEx
CreateSystemThreads
GetWinStationInfo
GetTabbedTextExtentA
SetScrollPos
SetCursorContents
InsertMenuItemW
SetLastErrorEx
GetKeyNameTextA
CharToOemBuffA
InsertMenuItemA
CharUpperA
AlignRects
LoadKeyboardLayoutA
LockWindowStation
GetWindowTextLengthA
PostMessageA
SendIMEMessageExA
FlashWindow
GetClientRect
SendDlgItemMessageA
IsGUIThread
GetScrollInfo
EndTask
MonitorFromWindow
AppendMenuA
RegisterClipboardFormatA
DestroyCursor
GetIconInfo
ExcludeUpdateRgn
SendNotifyMessageA
IsGUIThread
InflateRect
GetWindowTextA
PaintDesktop
ExitWindowsEx
SystemParametersInfoA
ShowCaret
GetWindowRgnBox
DrawStateA
GetKeyState
ShowOwnedPopups
RemovePropA
RegisterTasklist
GetClientRect
DestroyMenu
ModifyMenuA
DrawFrameControl
DrawFocusRect
BeginPaint
PostThreadMessageA
LoadMenuIndirectA
CreateWindowStationW
SetKeyboardState
PostThreadMessageA
TabbedTextOutA
GetClipboardData
AttachThreadInput
EqualRect
GetLastInputInfo
RemovePropA
CreateWindowStationA
CreateDialogIndirectParamA
CreateAcceleratorTableA
EnumDisplaySettingsA
SetPropA
MessageBoxTimeoutA
SetWindowTextA
MapDialogRect
RegisterTasklist
IsIconic
GetWindowRect
EnableMenuItem
CreateDialogIndirectParamA
GetInputDesktop
DrawTextA
LockWorkStation
CharPrevExA
GetMessagePos
SetMenuItemInfoA
GetMonitorInfoA
DefWindowProcA
TabbedTextOutA
IsServerSideWindow

advapi32

DuplicateToken

Sections

.itext
Size: - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 180KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1b65a9a8020bc40b5119b1bf7010702

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.itext Size: - Virtual size: 344B

.text Size: 180KB - Virtual size: 449KB

.idata Size: 96KB - Virtual size: 95KB

.rsrc Size: 68KB - Virtual size: 66KB

.itext
Size: - Virtual size: 344B

.text
Size: 180KB - Virtual size: 449KB

.idata
Size: 96KB - Virtual size: 95KB

.rsrc
Size: 68KB - Virtual size: 66KB