b6a0863eec432833fb06165013951d2a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6a0863eec432833fb06165013951d2a_JaffaCakes118
Size

228KB
MD5

b6a0863eec432833fb06165013951d2a
SHA1

fff000ca81b8ba31d724bff914cd9e69f329800d
SHA256

ae70a246cbd583a31141e938fe7c01ab71837ead5991dccae797299a9f81825e
SHA512

aeaae3a229286d4a5238cffa0f1a461085815c42c3851e7368589cdd93360c20df4503e5380eba6c34113c6299a212fd49c8652dda85700ab7bdfcb328cb891c
SSDEEP

3072:KYtc8dsA4svGgIB2Z/7EfAlNoBIlrA6vDk/VG9vZdq/fxrge3Coooe6VVAo7Spua:KYtYyQ2tI67kwt6/33Coooe6fAoe0B0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6a0863eec432833fb06165013951d2a_JaffaCakes118

Files

b6a0863eec432833fb06165013951d2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cc61007535c96685cff343f71a768b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

maxdb

ObsPut
CompGet
SymGet
ObsRotate
OutFormat
DebugMode
HeapRealloc
NetFind
DebugEnabled
MirrorText
TextPut
TextRotate
TextGet
CompFind
CompPadRot
LogStr
LevLibFind
LevFind
HeapDeassign
SaveFilename
SwError
ObsGet
MirrorObs
ComErrExpect
ComErrInt
MemFreeConn
MemAllocConn
DbScale
MemFreeUnion
NoteGet
DbLoad
lstrCpy
LoadFilename
Flags
LogStrStr
NameCreate
LstrToUpper
ComIniCommand
ComIniClose
ComIniSection
ThruGet
HeapSlice
MemAllocUnion
DbGet
ConnGet
MassteckHeapAlloc
HeapAssign
SymGetPad
StratFilename
DbVersion
ComErrLong
DllInit
LangInit
SwFindFile
lstrCat
OutMode
LangStr
ComIniOpen
ComIniFileOpen
ConnNetFirst
FourthFilename
ConnNetNext
SegAdd
SegGet
NetGet
LevGet
AttrNext
AttrSearch
ConnPut
DistPointPoint
NameStr
ParseClose
DebugSync
ParseArgs
Chain

kernel32

RtlUnwind
LCMapStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
ReadFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
CreateFileA
HeapAlloc
LCMapStringW
WriteFile
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
SetLastError
GetStringTypeA
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
CloseHandle
GetLastError
HeapFree
InitializeCriticalSection
GetStringTypeW
GetVersionExA
LocalFree
LocalAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
MultiByteToWideChar

user32

WinHelpA
GetAsyncKeyState
EndPaint
PostQuitMessage
BeginPaint
LoadIconA
RegisterClassA
DefWindowProcA
CreateWindowExA
GetSystemMenu
BringWindowToTop
UpdateWindow
GetMessageA
ChangeMenuA
GetDlgItem
SetScrollRange
SendMessageA
SendDlgItemMessageA
GetScrollPos
SetScrollPos
FindWindowA
EndDialog
LoadStringA
SetDlgItemTextA
DialogBoxParamA
ReleaseDC
ShowWindow
PostMessageA
DestroyWindow
MessageBoxA
SetFocus
SetWindowTextA
GetFocus
GetParent
TranslateMessage
DispatchMessageA
LoadCursorA
SetCursor
wvsprintfA
GetDC
FillRect

gdi32

GetTextMetricsA
GetTextExtentPointA
GetStockObject
TextOutA

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

Exports

Exports

AboutWndProc
ErrorHandler
MainWndProc
UIMSDlgWndProc

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3cc61007535c96685cff343f71a768b5

Headers

File Characteristics

Imports

maxdb

kernel32

user32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 3KB

.text Size: 116KB - Virtual size: 116KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 116KB - Virtual size: 116KB