06d745f0eca00d1f6ba95ad8a8f00f81_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06d745f0eca00d1f6ba95ad8a8f00f81_JaffaCakes118
Size

166KB
MD5

06d745f0eca00d1f6ba95ad8a8f00f81
SHA1

73d5fcc03b1bfc920dcb9434811ca1f9bdaa0edb
SHA256

dbd95dcd3c0961fb21f14687b4945955296e244b4c4c24913d41542980ee2ed1
SHA512

c5d3d7ae3f4a264dc48ebf403ebb49b2171ace79df71231bdc91b39231e96060352073f9b2e02885bfd075d9c038c163b7b8a1e2121514f7c2b518639592c09a
SSDEEP

3072:DaGuHqnPHuPYG9D+vnFmDQ8ouGJdCspJhWsBAxYpIBH0NH:gH/D+dmDUDCmJkSsY2hQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06d745f0eca00d1f6ba95ad8a8f00f81_JaffaCakes118

Files

06d745f0eca00d1f6ba95ad8a8f00f81_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85ee8633b18cb277d43a2e0db3c498af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
FreeResource
SetThreadLocale
GetACP
ExitProcess
SetEvent
InitializeCriticalSection
SetLastError
ReadFile
GetCommandLineA
FormatMessageA
GlobalDeleteAtom
GetModuleHandleA
GetStringTypeA
MulDiv
GetUserDefaultLCID
EnumCalendarInfoA
GlobalFindAtomA
GetCurrentProcessId
LockResource
FindClose
GetFullPathNameA
FindFirstFileA
DeleteCriticalSection
GetProcessHeap
GetProcAddress
RaiseException
GetOEMCP
VirtualAlloc
GetLocaleInfoA
GetStdHandle
GetThreadLocale
EnterCriticalSection
GetStartupInfoA
WriteFile
GetCurrentProcess
GetFileType
ExitThread
GetVersion
CloseHandle
Sleep
GetLocalTime
CompareStringA
LocalFree
GetVersionExA
GlobalAlloc
LocalAlloc
lstrcatA
GetModuleFileNameA
GetFileSize
SetEndOfFile
SizeofResource
ResetEvent
LoadLibraryExA
SetHandleCount
GetFileAttributesA
CreateThread
lstrcpyA
lstrcpynA
LocalReAlloc
SetErrorMode
GetCPInfo
VirtualAllocEx
lstrlenA
lstrcmpA
GetStringTypeW
GetEnvironmentStrings
SetFilePointer
MoveFileA
HeapFree
LoadResource
WideCharToMultiByte
HeapDestroy
HeapAlloc
GetTickCount
VirtualFree
GetDiskFreeSpaceA
GetSystemDefaultLangID
lstrcmpiA
FindResourceA
GetDateFormatA
FreeLibrary
MoveFileExA
CreateEventA
GetCurrentThread
CreateFileA
VirtualQuery
GlobalAddAtomA
DeleteFileA
LoadLibraryA
WaitForSingleObject
GetCurrentThreadId

shlwapi

PathIsDirectoryA
PathIsContentTypeA
SHStrDupA
SHQueryValueExA
PathGetCharTypeA
SHDeleteKeyA
PathFileExistsA
SHEnumValueA

oleaut32

SafeArrayGetUBound
SysStringLen
GetErrorInfo
VariantCopyInd
SysAllocStringLen
OleLoadPicture
VariantChangeType
SysReAllocStringLen
SafeArrayGetElement

comctl32

ImageList_Destroy
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Remove
ImageList_Read

comdlg32

ChooseColorA
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

gdi32

GetDCOrgEx
GetDIBColorTable

msvcrt

mbstowcs
exit
abs
memcpy
wcschr
sprintf
memcmp
swprintf
srand
wcscspn
log
time
rand
wcsncmp
fabs
log10
memmove

user32

CheckMenuItem
EnumChildWindows
GetActiveWindow
SetWindowPos
CreateMenu
GetMenuItemID
CharLowerA
DispatchMessageW
IsChild
FindWindowA
FrameRect
GetScrollPos
DeferWindowPos
EnumWindows
GetKeyState
GetMenuItemCount
GetCursorPos
DefWindowProcA
GetParent
CharLowerBuffA
GetCursor
GetWindow
GetFocus
GetLastActivePopup

version

GetFileVersionInfoA

Sections

CODE
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 119KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85ee8633b18cb277d43a2e0db3c498af

Headers

File Characteristics

Imports

kernel32

shlwapi

oleaut32

comctl32

comdlg32

gdi32

msvcrt

user32

version

Sections

CODE Size: 43KB - Virtual size: 43KB

INIT Size: 119KB - Virtual size: 198KB

.rdata Size: 512B - Virtual size: 312B

.bss Size: 2KB - Virtual size: 1KB

CODE
Size: 43KB - Virtual size: 43KB

INIT
Size: 119KB - Virtual size: 198KB

.rdata
Size: 512B - Virtual size: 312B

.bss
Size: 2KB - Virtual size: 1KB