06cf057400287857daf073b6d6e783e6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

06cf057400287857daf073b6d6e783e6_JaffaCakes118
Size

92KB
MD5

06cf057400287857daf073b6d6e783e6
SHA1

a9242b8f201ee2750befa465723949adaf8ecd94
SHA256

c9428751a54b950ec3e311b14f912930a2c46c3a9acf123311a63954dd62bad9
SHA512

53d6ce55f71376bd61ad30069710142a4314af91b1b2754353dbc1bf94a902640cc50eb934750197a1557fc44a01b08710897505900b1c65a7b6a3cf2494dca1
SSDEEP

1536:mBTu801I1fWDzXotcc160uyS8MZcfzV+T:QTP1uDzX9c17uyS1cfR+T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06cf057400287857daf073b6d6e783e6_JaffaCakes118

Files

06cf057400287857daf073b6d6e783e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8509c3583816bceb9cf63e34e0a73c01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ngen.pdb

Imports

msvcr71

wcsncpy
wcsrchr
wcstoul
wcscat
strncmp
_vsnwprintf
realloc
memmove
strlen
strchr
wcsncmp
vswprintf
printf
free
malloc
_wcsicmp
tolower
memset
wcscmp
wcscpy
exit
swprintf
wcslen
__CxxFrameHandler
wprintf
_except_handler3
_c_exit
_exit
_XcptFilter
_cexit
__p___winitenv
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__security_error_handler
__dllonexit
_onexit
_controlfp
memcpy

kernel32

CreateMutexA
FatalAppExitW
FatalAppExitA
OutputDebugStringW
OutputDebugStringA
FindFirstFileW
FindFirstFileA
FindClose
GetDateFormatW
GetDateFormatA
RemoveDirectoryW
RemoveDirectoryA
CreateDirectoryW
CreateDirectoryA
CreateSemaphoreW
CreateSemaphoreA
GetVolumeInformationW
GetVolumeInformationA
GetDriveTypeW
GetDriveTypeA
DeleteFileW
MoveFileExW
DeleteFileA
MoveFileW
MoveFileA
CopyFileW
CopyFileA
CreateFileW
CreateFileA
GetFileType
WritePrivateProfileStringW
WritePrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileIntW
RaiseException
GetPrivateProfileIntA
SearchPathW
GetSystemTimeAsFileTime
FormatMessageW
FormatMessageA
LoadLibraryExW
LoadLibraryExA
FindFirstChangeNotificationW
FindFirstChangeNotificationA
GetDiskFreeSpaceExW
GetDiskFreeSpaceExA
FindResourceW
FindResourceA
SetLastError
GetTempFileNameW
GetTempFileNameA
GetFullPathNameW
GetFullPathNameA
GetTempPathW
GetTempPathA
GetCurrentDirectoryW
GetCurrentDirectoryA
EnumResourceLanguagesW
GetCPInfo
WideCharToMultiByte
GetComputerNameW
GetComputerNameA
GetVersionExW
GetVersionExA
GetModuleFileNameW
GetModuleFileNameA
lstrlenW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCommandLineW
FindNextFileW
FindNextFileA
GetWindowsDirectoryW
GetWindowsDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
WaitForSingleObject
CloseHandle
ExitProcess
LocalFree
LocalAlloc
CreateMutexW
CreateEventA
CreateEventW
OpenEventA
OpenEventW
GetModuleHandleW
GetFileAttributesA
GetFileAttributesW
LoadLibraryA
SetFileAttributesA
SetFileAttributesW
GetEnvironmentVariableA
GetEnvironmentVariableW
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateFileMappingA
CreateFileMappingW
OpenFileMappingA
OpenFileMappingW
CreateProcessA
CreateProcessW
lstrcatW
lstrcpyW
FreeLibrary
GetProcAddress
OpenProcess
GetSystemInfo
WriteFile
GetStdHandle
VirtualAlloc
VirtualQuery
GetProcessAffinityMask
GetCurrentProcess
SearchPathA
GetLastError
MultiByteToWideChar
GetSystemDirectoryA
GetSystemDirectoryW

mscoree

CorBindToRuntimeEx
GetRequestedRuntimeVersion
GetRealProcAddress
GetCORSystemDirectory

user32

GetUserObjectInformationW
LoadStringW
LoadStringA
GetMessageW
GetMessageA
IsDialogMessageW
IsDialogMessageA
SetWindowLongA
GetWindowLongA
TranslateAcceleratorW
GetProcessWindowStation
DefWindowProcW
DefWindowProcA
GetClassNameW
GetClassNameA
PostMessageW
PostMessageA
DispatchMessageW
DispatchMessageA
PeekMessageW
PeekMessageA
GetWindowTextW
GetWindowTextA
SystemParametersInfoA
CallWindowProcA
GetWindowLongW
SetWindowLongW
CharPrevW
SendDlgItemMessageW
GetDlgItem
SetDlgItemTextW
SendMessageA
SendMessageW
LoadMenuA
LoadMenuW
GetClassInfoA
GetClassInfoW
RegisterClassA
RegisterClassW
CreateWindowExA
CreateWindowExW
LoadAcceleratorsA
LoadAcceleratorsW
LoadImageA
LoadImageW
MessageBoxA
MessageBoxW
CreateDialogParamA
CreateDialogParamW
DialogBoxParamA
DialogBoxParamW
LoadIconA
LoadIconW
LoadCursorA
LoadCursorW
SetWindowTextA
SetWindowTextW
SetDlgItemTextA
TranslateAcceleratorA

advapi32

RegSetValueExA
RegisterEventSourceA
ReportEventW
DeregisterEventSource
LookupAccountNameW
LookupAccountNameA
LookupAccountSidW
LookupAccountSidA
CryptAcquireContextA
RegQueryValueExW
RegReplaceKeyW
RegReplaceKeyA
RegRestoreKeyW
RegRestoreKeyA
RegUnLoadKeyW
RegUnLoadKeyA
RegLoadKeyW
RegLoadKeyA
RegDeleteValueW
RegDeleteValueA
RegQueryValueW
RegQueryValueA
RegCreateKeyExW
RegCreateKeyExA
RegSetValueExW
RegDeleteKeyW
RegDeleteKeyA
SetFileSecurityW
SetFileSecurityA
LookupPrivilegeValueW
LookupPrivilegeValueA
RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
RegEnumValueW
RegEnumValueA
GetUserNameW
GetUserNameA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegEnumKeyExW
RegEnumKeyExA

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8509c3583816bceb9cf63e34e0a73c01

Headers

File Characteristics

PDB Paths

Imports

msvcr71

kernel32

mscoree

user32

advapi32

Sections

.text Size: 60KB - Virtual size: 56KB

.data Size: 4KB - Virtual size: 856B

.rsrc Size: 4KB - Virtual size: 1KB

.ndata Size: 20KB - Virtual size: 20KB

.text
Size: 60KB - Virtual size: 56KB

.data
Size: 4KB - Virtual size: 856B

.rsrc
Size: 4KB - Virtual size: 1KB

.ndata
Size: 20KB - Virtual size: 20KB