f06450946d13f2e93dd439522965f9f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f06450946d13f2e93dd439522965f9f1_JaffaCakes118
Size

139KB
MD5

f06450946d13f2e93dd439522965f9f1
SHA1

f127bdab449c066c9c14e7b351cafd2e68e03020
SHA256

7dbf40a2969046abe7bb180bfd3130b9abe496b5d0194722e89bce234de24f17
SHA512

75d01974426fa9c85d74851f2a6f50a4582cd883e50d9fd2b5484d86f1453c48bfdce5dd621d8674dbc24ab42cd5c0262e07050f2e1bac05512d2f12781dd42b
SSDEEP

3072:UVC2jbvrmF2vbgZNQUwhOy363S/H+gBfA5hFuVCEAf:Ubfm4DzOUBY5hQj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f06450946d13f2e93dd439522965f9f1_JaffaCakes118

Files

f06450946d13f2e93dd439522965f9f1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

98e2ff045efce684ba1bd676aa565646

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_SetIconSize
ImageList_EndDrag
ImageList_GetIconSize
ImageList_Draw
InitCommonControls
ImageList_GetDragImage
ImageList_Remove
ImageList_DragMove

shell32

ShellExecuteA

consxwan

_Wcrtomb
_Inf
_Xbig
_LExp
_LXbig
_Stold
_FExp
_LDscale

ole32

CoCreateInstance
RegisterDragDrop

gdi32

Ellipse
CreateDIBitmap
RoundRect
GetTextExtentPoint32A
GetTextExtentPoint32W
SetTextColor
CreateCompatibleDC
GetTextExtentPointA
EndDoc
FrameRgn
CreateRectRgn
SetViewportExtEx
SetBrushOrgEx
CreatePen
StartDocA
GetClipBox
GetSystemPaletteEntries
GetCurrentObject
CreateEnhMetaFileA
CreatePatternBrush
SaveDC
SelectObject
SelectClipRgn
StretchDIBits

user32

TranslateMDISysAccel
GetCursor
SetRectEmpty
CharUpperA
GetClassInfoA
ScrollDC
ScrollWindow
GetDC
SetScrollPos
InsertMenuA
GetIconInfo
SetParent
CopyImage
ClientToScreen
SetWindowLongA
IsIconic
GetSysColorBrush
GetActiveWindow
GetKeyNameTextW
DrawCaption
DispatchMessageW
GetKeyState
DestroyCaret
AdjustWindowRectEx
SetTimer
SetMenuItemInfoA
IsCharAlphaNumericA
ShowScrollBar
RemovePropA
InsertMenuItemA
ChildWindowFromPointEx
ShowCaret
CreatePopupMenu
RegisterClassA
GetKeyboardState
GetSystemMetrics
SetMenuItemInfoW
GetWindowPlacement
GetDlgItem

kernel32

lstrcpynA
LeaveCriticalSection
IsValidCodePage
MapViewOfFileEx
GetModuleHandleA
VirtualQueryEx
WaitForMultipleObjects
RtlUnwind
GlobalSize
lstrlenW
GetTickCount
GetWindowsDirectoryA
lstrcmpA
TerminateProcess
CreateThread
TerminateProcess
OpenProcess
SleepEx
GetFullPathNameA
CloseHandle
GlobalAlloc
CreateFileW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GlobalLock

winmm

timeGetTime

wininet

InternetSetOptionA
FtpOpenFileA
InternetWriteFile
HttpOpenRequestA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetOpenUrlA

advapi32

RegEnumValueA
RegSetValueExA
RegQueryValueExW

oleaut32

VariantInit
SafeArrayAccessData
GetActiveObject

version

VerQueryValueA

Sections

.text
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98e2ff045efce684ba1bd676aa565646

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shell32

consxwan

ole32

gdi32

user32

kernel32

winmm

wininet

advapi32

oleaut32

version

Sections

.text Size: 115KB - Virtual size: 116KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 17KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 115KB - Virtual size: 116KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB