b6b133cdaeb9afd00a3ed4019aacc03f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6b133cdaeb9afd00a3ed4019aacc03f_JaffaCakes118
Size

501KB
MD5

b6b133cdaeb9afd00a3ed4019aacc03f
SHA1

ab35ffe6d2ca183e121d7896d60b60655ea9da3d
SHA256

bbcdc91c668ad2f1a0b61789a641d55266f679f77d9d4dce1eef1571d5d50281
SHA512

c7d165442258dc33bbc96960fb72583248827de4afc9a020f79cc7d5dd2c96497aa4000790b5e3847f824f09cdac5002bfe7fd39f9301c4661c8a1c056195672
SSDEEP

12288:4LdtQO4HLcRZUN6jcVhiGh0bu+Vcht8o2KPti9LJtqqdn:qtkHLcRZUs9Db1q09TDn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6b133cdaeb9afd00a3ed4019aacc03f_JaffaCakes118

Files

b6b133cdaeb9afd00a3ed4019aacc03f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

585e17a810e7a80733ae3a455a17a8c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
FindTextW

shell32

InternalExtractIconListA

comctl32

InitCommonControlsEx

kernel32

LocalFileTimeToFileTime
LCMapStringA
GlobalReAlloc
CreateSemaphoreA
GetStdHandle
GetFileType
GetTickCount
HeapCreate
OpenMutexA
GetStartupInfoW
GetEnvironmentStrings
GetModuleFileNameW
VirtualQuery
EnumSystemLocalesA
GetEnvironmentStringsW
SetHandleCount
TlsGetValue
InitializeCriticalSection
GetTimeZoneInformation
HeapLock
IsBadWritePtr
GetCurrentProcess
WriteFile
EnumDateFormatsExA
MultiByteToWideChar
UnhandledExceptionFilter
HeapAlloc
lstrlenW
OpenMutexW
VirtualFree
GetCurrentThread
CloseHandle
DeleteCriticalSection
GetSystemDefaultLangID
TlsFree
TlsSetValue
GetCurrentProcessId
CompareStringW
SetEnvironmentVariableA
GetCommandLineA
HeapSize
GetStringTypeA
GetTimeFormatA
FreeEnvironmentStringsW
GetProcAddress
HeapFree
FreeEnvironmentStringsA
GetOEMCP
ContinueDebugEvent
GetModuleHandleW
GetLocaleInfoW
GetSystemTimeAsFileTime
CompareStringA
GetDateFormatA
ReadFile
GetLastError
GetVersionExA
LocalCompact
RtlUnwind
GetModuleHandleA
GetModuleFileNameA
GetCommandLineW
FlushFileBuffers
WideCharToMultiByte
GetNumberFormatA
VirtualProtect
SetFilePointer
GetCPInfo
ExitProcess
EnterCriticalSection
GetSystemInfo
GetStartupInfoA
GetStringTypeW
IsValidCodePage
LCMapStringW
GetCurrentThreadId
QueryPerformanceCounter
GetFileAttributesExA
VirtualAlloc
GetLocaleInfoA
GetThreadContext
TlsAlloc
HeapReAlloc
EnumResourceNamesA
TerminateProcess
SetLastError
IsValidLocale
SetStdHandle
GetACP
GetPrivateProfileIntA
LeaveCriticalSection
HeapDestroy
InterlockedExchange
GetFileAttributesExW
GetUserDefaultLCID
CreateMutexA
LoadLibraryA

user32

GetKeyboardType
RegisterHotKey
GetClassLongA
EndTask
SetScrollPos
EnumDisplayDevicesW
ShowWindowAsync
MonitorFromWindow
EndDialog
RegisterClassA
PeekMessageA
GetClipboardSequenceNumber
DispatchMessageA
PostThreadMessageA
ReuseDDElParam
DefFrameProcA
SetActiveWindow
DlgDirSelectComboBoxExA
RegisterClassExA
DrawAnimatedRects
FindWindowExA
DdeClientTransaction
InsertMenuW
InvertRect
GetClipboardOwner
SwitchToThisWindow
InflateRect

Sections

.text
Size: 345KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

585e17a810e7a80733ae3a455a17a8c6

Headers

File Characteristics

Imports

comdlg32

shell32

comctl32

kernel32

user32

Sections

.text Size: 345KB - Virtual size: 344KB

.rdata Size: 34KB - Virtual size: 42KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 345KB - Virtual size: 344KB

.rdata
Size: 34KB - Virtual size: 42KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 17KB - Virtual size: 17KB