d6d00ee5645576c2ac88c6882e543c65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6d00ee5645576c2ac88c6882e543c65_JaffaCakes118
Size

332KB
MD5

d6d00ee5645576c2ac88c6882e543c65
SHA1

283520752112feceff780977c895055adefda66b
SHA256

3b83b5ad9d50d06001dd48e973cafcecffc119eeec386025b1a2460bafce4754
SHA512

066eb6857ea593fc950090f4ba1faf8bbe2fbd2f1a9921e47d635d1202d9e20edc39882c23b9342cefb5ebb0fa3f08b668c472e71f3195d9c444537811362df5
SSDEEP

6144:stT8Z1z8NrwvN5qVNckNB0tOpQlj6e8wU633BNNDyA4BhayDmdcEGN32:sGZ1qwv2C0BzpQlj6e8wUEfNerKcE62

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6d00ee5645576c2ac88c6882e543c65_JaffaCakes118

Files

d6d00ee5645576c2ac88c6882e543c65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8f0e2e64f4d9f6b7f3aa73a15cbb16e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetPrivateProfileStringA
GetNumberFormatW
GetUserDefaultLCID
CreateWaitableTimerA
FindCloseChangeNotification
GlobalFindAtomA
LocalFileTimeToFileTime
EnumResourceLanguagesW
SetMailslotInfo
SetConsoleActiveScreenBuffer
EnumDateFormatsW
CreateNamedPipeW
CreateMutexW
WriteConsoleOutputW
WritePrivateProfileStructA
WritePrivateProfileSectionW
InitializeCriticalSection
GetLargestConsoleWindowSize
TlsGetValue
lstrcpynA
SetConsoleWindowInfo
GetCommConfig
OpenMutexA
SetThreadLocale
CopyFileExW
IsDBCSLeadByteEx
IsBadWritePtr
ClearCommBreak
GetComputerNameW
OpenFile
GetStartupInfoA
ExitProcess
SetConsoleMode
EnumResourceNamesW
GlobalDeleteAtom
SwitchToFiber
GetDiskFreeSpaceExA
DuplicateHandle
GetCurrentProcessId
ReleaseSemaphore
SetEvent
LoadResource
GetVersion
FindFirstFileA
GetLocaleInfoW
GetProfileStringA
SetLastError
EndUpdateResourceA
PurgeComm
GlobalReAlloc
GetStringTypeExW
FreeLibrary
SetCommTimeouts
GetSystemInfo
LocalReAlloc
GetCompressedFileSizeW
FreeEnvironmentStringsA
FatalAppExitA
VirtualUnlock
GetUserDefaultLangID
SearchPathW
_llseek
SetProcessAffinityMask
GetDriveTypeW
DeleteFiber
QueryDosDeviceW
EnumCalendarInfoW
SetSystemTime
SetConsoleTitleA
GetThreadContext
SetProcessWorkingSetSize
EnumSystemCodePagesW
GetCommandLineA
GetVersionExA
OpenSemaphoreW
VirtualProtect

user32

RemoveMenu
ReleaseCapture
NotifyWinEvent
SetClipboardData
CharLowerBuffA
MapVirtualKeyA
EnumDesktopWindows
ToAscii
SendDlgItemMessageA
IsWindowVisible
CallNextHookEx
ToUnicodeEx
IsIconic
SetDlgItemTextW
LoadIconW
TranslateMessage
LoadCursorFromFileW
CreateAcceleratorTableA
SendInput
SetMenuInfo
SetWindowPlacement
WaitMessage
CharPrevW
SetWindowLongW

gdi32

IntersectClipRect
GetMapMode
ModifyWorldTransform
ExtFloodFill

comdlg32

FindTextA
ChooseColorW
ReplaceTextA

advapi32

CloseServiceHandle
RegSetValueW
EnumDependentServicesA
QueryServiceLockStatusW
ReadEventLogW
CryptCreateHash
CryptExportKey

shell32

Shell_NotifyIconW
SHFileOperationW
SHBrowseForFolderA
ShellExecuteA

ole32

ReadFmtUserTypeStg
OleSetMenuDescriptor
PropVariantCopy
CoMarshalInterface

oleaut32

SafeArrayUnaccessData
VariantChangeType
SetErrorInfo
SafeArrayPutElement
SafeArrayGetElement
SysFreeString
SysStringLen
LoadTypeLibEx
SafeArrayRedim

shlwapi

SHRegWriteUSValueW
SHGetValueA
PathCombineA
wvnsprintfW

Sections

.text
Size: 300KB - Virtual size: 297KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e8f0e2e64f4d9f6b7f3aa73a15cbb16e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 300KB - Virtual size: 297KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 20KB

.text
Size: 300KB - Virtual size: 297KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 20KB