06eee04dcd41a2857df276308f096c0a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06eee04dcd41a2857df276308f096c0a_JaffaCakes118
Size

200KB
MD5

06eee04dcd41a2857df276308f096c0a
SHA1

b97a41d4aa914914ed9cc9050333ac8e4de5e12f
SHA256

b0fc80daf1f28bf3e99739a81db3bea0b81b3822d44afc421c1142bec38d0054
SHA512

addf6921e9b7da388bee131b449526eadc31aaeb5242a03bd99e77ddf7b9e107b571e254185df06a9203f618b086e5b5bbec80e3367ccbfd63f6644b8baeb5fd
SSDEEP

6144:XI2llyJCUTI/rr76nLmxMH6kP/x80/BZMCfg:XI2GCHynHaknSWXM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06eee04dcd41a2857df276308f096c0a_JaffaCakes118

Files

06eee04dcd41a2857df276308f096c0a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ee8ef0790887797202c1ab7ca1311349

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
HeapSize
GetACP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
GetCommandLineA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GlobalFree
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
HeapAlloc
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
SetLastError
lstrcpynA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap

user32

SetFocus
MapWindowPoints
LoadIconA
SetWindowTextA
ShowWindow
CharUpperA
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
UnregisterClassA
GetClassNameA
PtInRect
GetSysColorBrush
LoadStringA
DestroyMenu
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
AdjustWindowRectEx
DestroyWindow
CreateWindowExA
GetClassLongA
UnhookWindowsHookEx
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
CopyRect
ReleaseDC
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostMessageA
PostQuitMessage
GetSysColor
EnableWindow
OffsetRect
GetDC
GetClientRect
SendMessageA
GetFocus
InvalidateRect
IsWindow
DestroyIcon
LoadCursorA
GetTopWindow
GetWindow
IsWindowVisible
GetWindowRect
IntersectRect
IsRectEmpty
RedrawWindow
GetWindowLongA
SetPropA
ScreenToClient
GetDlgCtrlID
SetWindowLongA
GetPropA
DefWindowProcA
CallWindowProcA
UpdateWindow
ClientToScreen
FillRect
GetParent
GetMenuCheckMarkDimensions

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
OffsetViewportOrgEx
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateFontIndirectA
GetCurrentObject
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ImageList_Destroy
ImageList_SetBkColor
ImageList_GetIcon
ImageList_Read
ord17
ImageList_GetImageCount
ImageList_Duplicate

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ee8ef0790887797202c1ab7ca1311349

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 12KB - Virtual size: 66KB

.rsrc Size: 20KB - Virtual size: 16KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 12KB - Virtual size: 66KB

.rsrc
Size: 20KB - Virtual size: 16KB

.data
Size: 20KB - Virtual size: 17KB