06f737bf5b7f5bafae03f2d525171dba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06f737bf5b7f5bafae03f2d525171dba_JaffaCakes118
Size

134KB
MD5

06f737bf5b7f5bafae03f2d525171dba
SHA1

ed4f370dcb7477817554c965b5a963207296fd6c
SHA256

69720a056d4aeb9128536c7d50451902c800b491407519e16e6e80951270fa72
SHA512

0fdb0f66812bed5b2c580755bbfe152a577b6e60d16c547e71c513dc70e53e81a1cc2b9f63cdf508b8a0f093062952dffa0a506725509cc905323e292400ac9e
SSDEEP

3072:4ncEt5Pt6EQHKLCtq5j8ctIlYbgHNFg9RVpke3m:4NCE0KF558YhRV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06f737bf5b7f5bafae03f2d525171dba_JaffaCakes118

Files

06f737bf5b7f5bafae03f2d525171dba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4222e1de66e3239c3c230ae6c924b08f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
HeapFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
ExitProcess
GetCommandLineA
TerminateProcess
lstrcpynA
EnterCriticalSection
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
SetStdHandle
GetLocaleInfoW
CloseHandle
RtlUnwind
GetStartupInfoA
GetModuleHandleA
SetErrorMode
GlobalAddAtomA
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
GetFullPathNameA
LoadLibraryA
FindFirstFileA
FindClose
GetProcAddress
FreeLibrary
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
GetLastError
GetProcessVersion
WritePrivateProfileStringA
SetLastError
GlobalFlags
VirtualFree
TlsGetValue
LocalReAlloc
MultiByteToWideChar
TlsSetValue
GlobalReAlloc
VirtualAlloc
LeaveCriticalSection
WideCharToMultiByte
lstrlenA
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
MulDiv
GetVersion
GlobalGetAtomNameA
GlobalUnlock
GlobalFree
LocalFree
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
DeleteFileA
GlobalLock
lstrcatA
lstrcpyA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
InterlockedIncrement
InterlockedDecrement
RemoveDirectoryA

user32

InvalidateRect
ShowWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
ReleaseCapture
GetDesktopWindow
WindowFromPoint
ClientToScreen
GetClassNameA
PtInRect
LoadStringA
GetSysColorBrush
CharUpperA
DestroyMenu
SetWindowTextA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
FindWindowA
GetSubMenu
GetMenuItemID
GetMenu
ScreenToClient
GetWindowTextA
GetDlgCtrlID
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
EndDialog
SetActiveWindow
IsWindow
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
UpdateWindow
SystemParametersInfoA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
DefWindowProcA
RegisterClassA
GetMenuItemCount
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
GetClassLongA
CreateWindowExA
UnregisterClassA

gdi32

SetTextColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteObject
GetDeviceCaps
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape
CreateBitmap
SetBkColor

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4222e1de66e3239c3c230ae6c924b08f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 15KB - Virtual size: 28KB

.rsrc Size: 16KB - Virtual size: 20KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 15KB - Virtual size: 28KB

.rsrc
Size: 16KB - Virtual size: 20KB