06cfb3db503f956e5f85d8935cb81b14_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06cfb3db503f956e5f85d8935cb81b14_JaffaCakes118
Size

1.1MB
MD5

06cfb3db503f956e5f85d8935cb81b14
SHA1

8d92f9ce6dc2fc6f2190fbe7960c9e6cb1ef8a43
SHA256

e55788e35c6047ac802c93da1357b236f567a00063a427e6a63336c958dafc7e
SHA512

d345ccdf3167f10c732bf3da2c9d2656ab6a1dd06424dceb653113a931bb544b0b616bccc730b733f4316d798dee44ba562efdbf694bd0872a57ab5d92c1c49a
SSDEEP

24576:u8vNRvc7DLdYjfcbCDKXCv93W6+z4xpE6PCYodaPVJP+xyI9:u8vvvcDUfcbq+zgE6P1odcg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06cfb3db503f956e5f85d8935cb81b14_JaffaCakes118

Files

06cfb3db503f956e5f85d8935cb81b14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db96d164ebe762dd87c3dc35c7c59431

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Copy
ImageList_Replace
ImageList_DrawIndirect
CreatePropertySheetPageW
ImageList_Write
ImageList_AddMasked
DestroyPropertySheetPage
GetEffectiveClientRect
CreateToolbarEx
ImageList_GetImageRect
ImageList_GetImageCount
InitCommonControlsEx
ImageList_Create
CreatePropertySheetPage
ImageList_Duplicate
ImageList_Destroy
ImageList_SetIconSize
DrawStatusTextW
ImageList_DragEnter
DrawStatusText
ImageList_GetImageInfo
ImageList_SetImageCount

kernel32

SetEnvironmentVariableW
CloseHandle
ReadFile
GetProcAddress
InterlockedDecrement
GetThreadTimes
GetCommandLineA
EnterCriticalSection
FreeLibrary
TerminateProcess
VirtualQuery
GetStartupInfoA
WideCharToMultiByte
GetDateFormatA
UnhandledExceptionFilter
LoadLibraryA
GetCurrentThread
Sleep
GetConsoleOutputCP
TlsGetValue
EnumSystemLocalesA
DeleteCriticalSection
GetVersionExA
GetLocaleInfoA
VirtualFree
LeaveCriticalSection
CompareStringW
WriteConsoleA
TlsSetValue
SetStdHandle
GetVersion
GetCurrentThreadId
GetModuleFileNameA
SetLastError
GetCPInfo
SetEnvironmentVariableA
GetStringTypeW
GetACP
GetEnvironmentStrings
GetModuleHandleA
GetUserDefaultLCID
ExitProcess
IsValidLocale
QueryPerformanceCounter
RtlFillMemory
GlobalUnfix
WritePrivateProfileStructW
OpenMutexA
InterlockedExchange
FreeEnvironmentStringsA
HeapCreate
GetLocaleInfoW
GetLastError
SetUnhandledExceptionFilter
GetFileType
GetCurrentProcess
LCMapStringW
GetExitCodeProcess
GetOEMCP
GetConsoleCP
GetProcessHeap
HeapAlloc
FlushFileBuffers
FreeEnvironmentStringsW
GetLocalTime
CreateMutexA
CompareStringA
SetFilePointer
IsDebuggerPresent
IsValidCodePage
TlsAlloc
MultiByteToWideChar
ExpandEnvironmentStringsA
HeapFree
WriteFile
GetTimeZoneInformation
LCMapStringA
GetTickCount
CreateFileA
GetConsoleMode
GetCurrentProcessId
GetTimeFormatA
HeapDestroy
GetStringTypeA
GetStdHandle
HeapReAlloc
GetEnvironmentStringsW
GetSystemTimeAsFileTime
SetHandleCount
SetConsoleCtrlHandler
RtlUnwind
WriteConsoleW
TlsFree
VirtualAlloc
InterlockedIncrement
HeapSize
InitializeCriticalSection

user32

CreateWindowExW
ShowWindow
FindWindowExW
RegisterClassExA
RegisterClassA
MessageBoxW

Sections

.text
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 729KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db96d164ebe762dd87c3dc35c7c59431

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 327KB - Virtual size: 327KB

.rdata Size: 46KB - Virtual size: 63KB

.data Size: 729KB - Virtual size: 728KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 327KB - Virtual size: 327KB

.rdata
Size: 46KB - Virtual size: 63KB

.data
Size: 729KB - Virtual size: 728KB

.rsrc
Size: 24KB - Virtual size: 23KB