06cef5c8039d1e5bacc40ef3c7061a0d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06cef5c8039d1e5bacc40ef3c7061a0d_JaffaCakes118
Size

284KB
MD5

06cef5c8039d1e5bacc40ef3c7061a0d
SHA1

17d07a1c0d38cc771a5903579014f436d3eac31a
SHA256

883cc0aa9fd74ec1617d54dd5b0c887e43a8d645c24c5b6457ba216fcff352ad
SHA512

f1e66794101743ece660f7145343f3b9030e09f82a982f7e5ae9b27e7d994145ec39f888401061ec6eee75f5aef07938402d264c34d72f15039c6f34c6ba71bf
SSDEEP

3072:nGxFuJPXjotstabH2wtb+8YU/gvd/Aw0S9zTi+A4OzJptEomdFJkSmZxtaM9XwIp:nugJ0t9r0kezTi+zW/trIFJkSWjV3WQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06cef5c8039d1e5bacc40ef3c7061a0d_JaffaCakes118

Files

06cef5c8039d1e5bacc40ef3c7061a0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

374b5245e05ee4285d06d0a6f1b2ad2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetA
ImageList_DragEnter
PropertySheetW

version

GetFileVersionInfoA

kernel32

lstrcmpW
SwitchToThread
GetModuleFileNameA
UnhandledExceptionFilter
GetStartupInfoA
GetVersion
ExitProcess
GetProcAddress
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InterlockedDecrement
InterlockedIncrement
lstrlenA
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
LoadLibraryA
GetDriveTypeW
SetFilePointerEx
GetEnvironmentVariableW
OpenMutexA
GlobalSize
LocalUnlock
SetProcessWorkingSetSize
GetStringTypeW
ExitThread
SetThreadExecutionState
HeapAlloc
OpenFileMappingA
CreateMutexW
GetModuleHandleA
RaiseException
GetDiskFreeSpaceW
FileTimeToDosDateTime
ResumeThread
OpenMutexW
GetCommandLineA
VirtualAlloc
FindFirstFileW
Sleep
GlobalDeleteAtom
GetCommandLineW
GetUserDefaultLCID
Process32FirstW
GetLocalTime
GetPrivateProfileIntW
FindResourceA
GetCurrentProcess
SearchPathW
FormatMessageW
VirtualQuery
GetSystemDefaultLCID
GetLastError
GetNumberFormatW
WritePrivateProfileSectionA
CreateTimerQueueTimer
SetWaitableTimer
SetHandleCount
GetTimeZoneInformation
InitializeCriticalSection
SetUnhandledExceptionFilter

oleaut32

GetActiveObject

advapi32

GetSecurityDescriptorLength
LookupPrivilegeValueW
OpenServiceA
GetSecurityDescriptorGroup
GetTokenInformation
RegQueryInfoKeyA
SetThreadToken
RegSetKeySecurity
ControlService
AllocateAndInitializeSid
IsValidSid
QueryServiceConfigA
EqualSid
AddAce
RegSetValueExA
LookupPrivilegeValueA
LookupAccountNameW
ReportEventW
RegOpenKeyA
StartServiceCtrlDispatcherW

gdi32

CreateBrushIndirect
GetDIBits
GetViewportOrgEx
GetStockObject
EnumFontFamiliesA
FillRgn
CreateICA
OffsetRgn
EnumEnhMetaFile
OffsetViewportOrgEx
SelectObject
CreateBitmap
SetBitmapBits
GetTextExtentExPointW
SetMapperFlags
SetRectRgn
SetDIBColorTable
SetEnhMetaFileBits
GetRgnBox
GetObjectA
GetTextFaceA
CopyMetaFileA
DeleteDC
RealizePalette

ole32

CreateStreamOnHGlobal
StgIsStorageFile
CoTreatAsClass
StringFromCLSID
CreateILockBytesOnHGlobal
GetRunningObjectTable
CreateBindCtx
OleLockRunning
OleQueryCreateFromData
OleRegGetMiscStatus

shlwapi

StrRetToStrW
PathRemoveFileSpecA
PathRenameExtensionW

comdlg32

GetOpenFileNameW
GetFileTitleA
GetOpenFileNameA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconA
SHBrowseForFolderW
SHBrowseForFolderA

user32

SetParent
UnregisterClassW
SetWindowWord
ValidateRgn
LoadCursorW
SubtractRect
DdeFreeDataHandle
DdeCreateDataHandle
GrayStringW
SendDlgItemMessageW
ActivateKeyboardLayout
LoadCursorA
WindowFromPoint
LoadStringA
SetRectEmpty
GetMenuItemCount
GetMenuItemInfoA
GetMenuStringW
GetClassLongA
CreateAcceleratorTableW
GetCaretPos
UnionRect
CopyAcceleratorTableA
CallWindowProcA
GetWindowDC
MsgWaitForMultipleObjects
SetDlgItemTextW
TrackMouseEvent
ModifyMenuW
InflateRect
GetWindowTextLengthA
LockWindowUpdate
GetWindowPlacement
CharPrevA
LoadImageW
SetPropW
DrawEdge
GetKeyNameTextA
RegisterClipboardFormatW
RegisterWindowMessageW
DdeCreateStringHandleW
DdeInitializeW
InsertMenuW
FlashWindow
GetSysColor
GetClassNameW
HideCaret
GetWindowWord
WinHelpW

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

374b5245e05ee4285d06d0a6f1b2ad2e

Headers

File Characteristics

Imports

comctl32

version

kernel32

oleaut32

advapi32

gdi32

ole32

shlwapi

comdlg32

shell32

user32

Sections

.text Size: 220KB - Virtual size: 219KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 220KB - Virtual size: 219KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 3KB